chore: rename docs-nextra to docs

.eslintignore

@@ -0,0 +1,74 @@
+.eslintrc.js
+.cache-loader
+.DS_Store
+.pnpm-debug.log
+.turbo
+.vscode/generated*
+/_work
+/actions-runner
+node_modules
+patches
+pnpm-lock.yaml
+.github/actions/issue-validator/index.mjs
+*.cjs
+*.js
+*.d.ts
+*.d.ts.map
+
+.svelte-kit
+.next
+.nuxt
+
+# --------------- Docs ---------------
+
+.docusaurus
+build
+docs/pages/reference/core
+docs/pages/reference/sveltekit
+docs/pages/reference/adapter
+static
+
+#  TODO: Enable
+docs-nextra
+
+# --------------- Packages ---------------
+
+coverage
+dist
+
+# @auth/core
+packages/core/src/providers/oauth-types.ts
+packages/core/src/lib/pages/styles.ts
+
+# @auth/sveltekit
+packages/frameworks-sveltekit/package
+packages/frameworks-sveltekit/vite.config.{js,ts}.timestamp-*
+
+# next-auth
+packages/next-auth/src/providers/oauth-types.ts
+packages/next-auth/css/index.css
+
+
+# Adapters
+.branches
+db.sqlite
+dev.db
+dynamodblocal-bin
+firebase-debug.log
+firestore-debug.log
+migrations
+test.schema.gql
+
+# --------------- Apps ---------------
+
+
+# Examples should have their own Prettier config since they are templates too
+apps/example-sveltekit
+
+# Development app
+apps
+
+
+# --------------- Tests ---------------
+# TODO: these should be linted
+packages/**/*test*

.eslintrc.js

@@ -0,0 +1,75 @@
+// @ts-check
+
+/** @type {import("eslint").ESLint.ConfigData} */
+module.exports = {
+  env: { browser: true, es2022: true, node: true },
+  extends: ["eslint:recommended", "prettier"],
+  overrides: [
+    {
+      files: ["*.ts", "*.tsx"],
+      parser: "@typescript-eslint/parser",
+      parserOptions: {
+        project: ["./packages/**/tsconfig.json", "./apps/**/tsconfig.json"],
+      },
+      settings: { react: { version: "18" } },
+      extends: [
+        "plugin:react/recommended",
+        "plugin:react/jsx-runtime",
+        "standard-with-typescript",
+        "prettier",
+      ],
+      rules: {
+        "@typescript-eslint/explicit-function-return-type": "off",
+        "@typescript-eslint/method-signature-style": "off",
+        "@typescript-eslint/naming-convention": "off",
+        "@typescript-eslint/no-non-null-assertion": "off",
+        "@typescript-eslint/restrict-template-expressions": "off",
+        "@typescript-eslint/strict-boolean-expressions": "off",
+        "react/prop-types": "off",
+        "react/no-unescaped-entities": "off",
+      },
+    },
+    {
+      files: ["*.test.ts", "*.test.js"],
+      extends: ["plugin:jest/recommended"],
+      env: { jest: true },
+    },
+    // {
+    //   files: ["docs/**"],
+    //   plugins: ["@docusaurus"],
+    //   extends: ["plugin:@docusaurus/recommended"],
+    // },
+    {
+      // TODO: Expand to all packages
+      files: ["packages/{core,sveltekit}/*.ts"],
+      plugins: ["jsdoc"],
+      extends: ["plugin:jsdoc/recommended"],
+      rules: {
+        "jsdoc/require-param": "off",
+        "jsdoc/require-returns": "off",
+        "jsdoc/require-jsdoc": [
+          "warn",
+          { publicOnly: true, enableFixer: false },
+        ],
+        "jsdoc/no-multi-asterisks": ["warn", { allowWhitespace: true }],
+        "jsdoc/tag-lines": "off",
+      },
+    },
+    {
+      files: ["packages/frameworks-sveltekit"],
+      plugins: ["svelte3"],
+      overrides: [{ files: ["*.svelte"], processor: "svelte3/svelte3" }],
+      settings: {
+        "svelte3/typescript": () => require("typescript"),
+      },
+      parserOptions: { sourceType: "module", ecmaVersion: 2020 },
+      env: { browser: true, es2017: true, node: true },
+    },
+  ],
+  parserOptions: {
+    sourceType: "module",
+    ecmaVersion: "latest",
+    ecmaFeatures: { jsx: true },
+  },
+  root: true,
+}

.github/ISSUE_TEMPLATE/3_bug_adapter.yml

@@ -29,10 +29,10 @@ body:
         - "@next-auth/mongodb-adapter"
         - "@next-auth/neo4j-adapter"
         - "@next-auth/pouchdb-adapter"
-        - "@auth/prisma-adapter"
+        - "@next-auth/prisma-adapter"
         - "@next-auth/sequelize-adapter"
         - "@next-auth/supabase-adapter"
-        - "@auth/typeorm-adapter"
+        - "@next-auth/typeorm-legacy-adapter"
         - "@next-auth/upstash-redis-adapter"
         - "@next-auth/xata-adapter"
     validations:

.github/issue-labeler.yml

@@ -25,7 +25,7 @@ pouchdb:
   - "@next-auth/pouchdb-adapter"
 
 prisma:
-  - "@auth/prisma-adapter"
+  - "@next-auth/prisma-adapter"
 
 sequelize:
   - "@next-auth/sequelize-adapter"
@@ -33,8 +33,8 @@ sequelize:
 supabase:
   - "@next-auth/supabase-adapter"
 
-typeorm:
-  - "@auth/typeorm-adapter"
+typeorm-legacy:
+  - "@next-auth/typeorm-legacy-adapter"
 
 upstash-redis:
   - "@next-auth/upstash-redis-adapter"

.github/pr-labeler.yml

@@ -2,7 +2,7 @@
 adapters: ["packages/core/src/adapters.ts", "packages/adapter-*/**/*"]
 core: ["packages/core/src/**/*"]
 dgraph: ["packages/adapter-dgraph/**/*"]
-documentation: ["packages/docs/docs/**/*"]
+documentation: ["packages/docs/pages/**/*"]
 dynamodb: ["packages/adapter-dynamodb/**/*"]
 examples: ["apps/examples/**/*"]
 fauna: ["packages/adapter-fauna/**/*"]
@@ -21,6 +21,6 @@ solidjs: ["packages/frameworks-solid-start/**/*"]
 supabase: ["packages/adapter-supabase/**/*"]
 svelte: ["packages/frameworks-sveltekit/**/*"]
 test: ["**test**/*"]
-typeorm: ["packages/adapter-typeorm/**/*"]
+typeorm-legacy: ["packages/adapter-typeorm-legacy/**/*"]
 upstash-redis: ["packages/adapter-upstash-redis/**/*"]
 xata: ["packages/adapter-xata/**/*"]

.github/sync.yml

@@ -1,3 +1,5 @@
+# Note that nextauthjs/next-auth-example syncs from the v4 branch
+
 nextauthjs/sveltekit-auth-example:
   - source: apps/examples/sveltekit
     dest: .
@@ -18,10 +20,3 @@ nextauthjs/next-auth-gatsby-example:
     deleteOrphaned: true
   - .github/FUNDING.yml
   - LICENSE
-
-nextauthjs/next-auth-example:
-  - source: apps/examples/nextjs
-    dest: .
-    deleteOrphaned: true
-  - .github/FUNDING.yml
-  - LICENSE

.github/version-pr/index.js

@@ -5,15 +5,14 @@ const core = require("@actions/core")
 try {
   const packageJSONPath = path.join(
     process.cwd(),
-    `packages/${process.env.PACKAGE_PATH || "next-auth"}/package.json`
+    "packages/next-auth/package.json"
   )
   const packageJSON = JSON.parse(fs.readFileSync(packageJSONPath, "utf8"))
 
   const sha8 = process.env.GITHUB_SHA.substring(0, 8)
-  const prefix = "0.0.0-"
-  const pr = process.env.PR_NUMBER
-  const source = pr ? `pr.${pr}` : "manual"
-  const packageVersion = `${prefix}${source}.${sha8}`
+  const prNumber = process.env.PR_NUMBER
+
+  const packageVersion = `0.0.0-pr.${prNumber}.${sha8}`
   packageJSON.version = packageVersion
   core.setOutput("version", packageVersion)
   fs.writeFileSync(packageJSONPath, JSON.stringify(packageJSON))

.github/workflows/release.yml

@@ -8,54 +8,6 @@ on:
       - next
       - 3.x
   pull_request:
-  # TODO: Support latest releases
-  workflow_dispatch:
-    inputs:
-      name: 
-        type: choice
-        description: Package name (npm)
-        options:
-        - "@auth/core"
-        - "@auth/nextjs"
-        - "@auth/dgraph-adapter"
-        - "@auth/drizzle-adapter"
-        - "@auth/dynamodb-adapter"
-        - "@auth/fauna-adapter"
-        - "@auth/firebase-adapter"
-        - "@auth/mikro-orm-adapter"
-        - "@auth/mongodb-adapter"
-        - "@auth/neo4j-adapter"
-        - "@auth/pouchdb-adapter"
-        - "@auth/prisma-adapter"
-        - "@auth/sequelize-adapter"
-        - "@auth/supabase-adapter"
-        - "@auth/typeorm-adapter"
-        - "@auth/upstash-redis-adapter"
-        - "@auth/xata-adapter"
-        - "next-auth"
-      # TODO: Infer from package name
-      path:
-        type: choice
-        description: Directory name (packages/*)
-        options:
-        - "core"
-        - "frameworks-nextjs"
-        - "adapter-dgraph"
-        - "adapter-drizzle"
-        - "adapter-dynamodb"
-        - "adapter-fauna"
-        - "adapter-firebase"
-        - "adapter-mikro-orm"
-        - "adapter-mongodb"
-        - "adapter-neo4j"
-        - "adapter-pouchdb"
-        - "adapter-prisma"
-        - "adapter-sequelize"
-        - "adapter-supabase"
-        - "adapter-typeorm"
-        - "adapter-upstash-redis"
-        - "adapter-xata"
-        - "next-auth"
 
 jobs:
   test:
@@ -72,7 +24,6 @@ jobs:
         uses: actions/setup-node@v3
         with:
           node-version: 18
-          cache: "pnpm"
       - name: Install dependencies
         run: pnpm install
       - name: Run tests
@@ -122,7 +73,6 @@ jobs:
         uses: actions/setup-node@v3
         with:
           node-version: 18
-          cache: "pnpm"
       - name: Install dependencies
         run: pnpm install
       - name: Publish to npm and GitHub
@@ -147,7 +97,6 @@ jobs:
         uses: actions/setup-node@v3
         with:
           node-version: 18
-          cache: "pnpm"
       - name: Install dependencies
         run: pnpm install
       - name: Determine version
@@ -173,36 +122,3 @@ jobs:
         env:
           VERSION: ${{ steps.determine-version.outputs.version }}
           GITHUB_TOKEN: ${{ secrets.GH_PAT }}
-  release-manual:
-    name: Publish manually
-    runs-on: ubuntu-latest
-    if: ${{ github.event_name == 'workflow_dispatch' }}
-    steps:
-      - name: Init
-        uses: actions/checkout@v3
-      - name: Install pnpm
-        uses: pnpm/action-setup@v2.2.4
-      - name: Setup Node
-        uses: actions/setup-node@v3
-        with:
-          node-version: 18
-          cache: "pnpm"
-      - name: Install dependencies
-        run: pnpm install
-      - name: Determine version
-        uses: ./.github/version-pr
-        id: determine-version
-        env:
-          PACKAGE_PATH: ${{ github.event.inputs.path }}
-      - name: Publish to npm
-        run: |
-          pnpm build
-          cd packages/$PACKAGE_PATH
-          echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> .npmrc
-          pnpm publish --no-git-checks --access public --tag experimental
-          echo "🎉 Experimental release published 📦️ on npm: https://npmjs.com/package/${{ github.event.inputs.name }}/v/${{ env.VERSION }}"
-          echo "Install via: pnpm add ${{ github.event.inputs.name }}@${{ env.VERSION }}"
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-          PACKAGE_PATH: ${{ github.event.inputs.path }}
-          VERSION: ${{ steps.determine-version.outputs.version }}

.gitignore

@@ -43,7 +43,6 @@ packages/*/*.d.ts.map
 apps/dev/src/css
 apps/dev/prisma/migrations
 apps/dev/typeorm
-apps/dev/nextjs-2
 
 # VS
 /.vs/slnx.sqlite-journal
@@ -83,8 +82,7 @@ packages/core/src/providers/oauth-types.ts
 packages/core/lib
 packages/core/providers
 packages/core/src/lib/pages/styles.ts
-docs/docs/reference/core
-docs/docs/reference/sveltekit
+docs/pages/reference/core
 
 
 # SvelteKit
@@ -94,7 +92,8 @@ packages/frameworks-sveltekit/.svelte-kit
 packages/frameworks-sveltekit/package
 packages/frameworks-sveltekit/vite.config.js.timestamp-*
 packages/frameworks-sveltekit/vite.config.ts.timestamp-*
+docs/pages/reference/sveltekit
 
 # Adapters
 
-docs/docs/reference/adapter
+docs/pages/reference/adapter

.prettierignore

@@ -13,16 +13,14 @@ pnpm-lock.yaml
 *.d.ts.map
 
 .svelte-kit
-.next
 .nuxt
 
 # --------------- Docs ---------------
 
-.docusaurus
-build
-docs/docs/reference/core
-docs/docs/reference/sveltekit
-static
+.next
+docs/pages/reference/core
+docs/pages/reference/sveltekit
+docs/pages/reference/adapter
 docs/providers.json
 
 # --------------- Packages ---------------

.prettierrc.js

@@ -0,0 +1,22 @@
+// @ts-check
+
+/** @type {import("prettier").Config} */
+module.exports = {
+  semi: false,
+  singleQuote: false,
+  overrides: [
+    {
+      files: [
+        "apps/dev/nextjs/pages/api/auth/[...nextauth].ts",
+        "docs/{sidebars,docusaurus.config}.js",
+      ],
+      options: { printWidth: 150 },
+    },
+    {
+      files: ["**/*package.json"],
+      options: {
+        trailingComma: "none",
+      },
+    },
+  ],
+}

apps/dev/nextjs-v4/.env.local.example

@@ -1,58 +0,0 @@
-# Rename file to .env.local (or .env) and populate values
-# to be able to run the dev app
-
-NEXTAUTH_URL=http://localhost:3000
-
-# You can use `openssl rand -hex 32` or 
-# https://generate-secret.vercel.app/32 to generate a secret.
-# Note: Changing a secret may invalidate existing sessions
-# and/or verification tokens.
-NEXTAUTH_SECRET=secret
-
-AUTH0_ID=
-AUTH0_SECRET=
-AUTH0_ISSUER=
-
-KEYCLOAK_ID=
-KEYCLOAK_SECRET=
-KEYCLOAK_ISSUER=
-
-IDS4_ID=
-IDS4_SECRET=
-IDS4_ISSUER=
-
-GITHUB_ID=
-GITHUB_SECRET=
-
-TWITCH_ID=
-TWITCH_SECRET=
-
-TWITTER_ID=
-TWITTER_SECRET=
-
-LINE_ID=
-LINE_SECRET=
-
-TRAKT_ID=
-TRAKT_SECRET=
-
-# Example configuration for a Gmail account (will need SMTP enabled)
-EMAIL_SERVER=smtps://user@gmail.com:password@smtp.gmail.com:465
-EMAIL_FROM=user@gmail.com
-
-# Note: If using with Prisma adapter, you need to use a `.env`
-# file rather than a `.env.local` file to configure env vars.
-# Postgres: DATABASE_URL=postgres://nextauth:password@127.0.0.1:5432/nextauth?synchronize=true
-# MySQL:    DATABASE_URL=mysql://nextauth:password@127.0.0.1:3306/nextauth?synchronize=true
-# MongoDB:  DATABASE_URL=mongodb://nextauth:password@127.0.0.1:27017/nextauth?synchronize=true
-DATABASE_URL=
-
-WIKIMEDIA_ID=
-WIKIMEDIA_SECRET=
-
-# Supabase Example Configuration
-# Supabase Example Configuration
-# NEXT_PUBLIC_SUPABASE_URL=http://localhost:54321
-# SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6InNlcnZpY2Vfcm9sZSJ9.vI9obAHOGyVVKa3pD--kJlyxp-Z2zV9UUMAhKpNLAcU
-# SUPABASE_JWT_SECRET=super-secret-jwt-token-with-at-least-32-characters-long
-# NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24ifQ.625_WdcF3KHqz5amU0x2X5WWHP-OEs_4qj0ssLNHzTs

apps/dev/nextjs-v4/.vscode/settings.json

@@ -1,4 +0,0 @@
-{
-  "typescript.tsdk": "../../node_modules/.pnpm/typescript@4.8.4/node_modules/typescript/lib",
-  "typescript.enablePromptUseWorkspaceTsdk": true
-}

apps/dev/nextjs-v4/README.md

@@ -1,6 +0,0 @@
-# NextAuth.js Development App
-
-This folder contains a Next.js app using NextAuth.js for local development. See the following section on how to start:
-
-[Setting up local environment
-](https://github.com/nextauthjs/next-auth/blob/main/CONTRIBUTING.md#setting-up-local-environment)

apps/dev/nextjs-v4/app/api/auth/[...nextauth]/route.ts

@@ -1,14 +0,0 @@
-import NextAuth, { type NextAuthOptions } from "next-auth"
-import GitHub from "next-auth/providers/github"
-
-export const authOptions: NextAuthOptions = {
-  providers: [
-    GitHub({
-      clientId: process.env.GITHUB_ID,
-      clientSecret: process.env.GITHUB_SECRET,
-    }),
-  ],
-}
-
-const handler = NextAuth(authOptions)
-export { handler as GET, handler as POST }

apps/dev/nextjs-v4/app/layout.tsx

@@ -1,12 +0,0 @@
-export default function RootLayout({
-  children,
-}: {
-  children: React.ReactNode
-}) {
-  return (
-    <html>
-      <head></head>
-      <body>{children}</body>
-    </html>
-  )
-}

apps/dev/nextjs-v4/app/server-component/page.tsx

@@ -1,6 +0,0 @@
-import { getServerSession } from "next-auth/next"
-
-export default async function Page() {
-  const session = await getServerSession()
-  return <pre>{JSON.stringify(session, null, 2)}</pre>
-}

apps/dev/nextjs-v4/components/access-denied.js

@@ -1,20 +0,0 @@
-import { signIn } from "next-auth/react"
-
-export default function AccessDenied() {
-  return (
-    <>
-      <h1>Access Denied</h1>
-      <p>
-        <a
-          href="/api/auth/signin"
-          onClick={(e) => {
-            e.preventDefault()
-            signIn()
-          }}
-        >
-          You must be signed in to view this page
-        </a>
-      </p>
-    </>
-  )
-}

apps/dev/nextjs-v4/components/footer.js

@@ -1,28 +0,0 @@
-import Link from "next/link"
-import styles from "./footer.module.css"
-import packageJSON from "package.json"
-
-export default function Footer() {
-  return (
-    <footer className={styles.footer}>
-      <hr />
-      <ul className={styles.navItems}>
-        <li className={styles.navItem}>
-          <a href="https://next-auth.js.org">Documentation</a>
-        </li>
-        <li className={styles.navItem}>
-          <a href="https://www.npmjs.com/package/next-auth">NPM</a>
-        </li>
-        <li className={styles.navItem}>
-          <a href="https://github.com/nextauthjs/next-auth-example">GitHub</a>
-        </li>
-        <li className={styles.navItem}>
-          <Link href="/policy">Policy</Link>
-        </li>
-        <li className={styles.navItem}>
-          <em>{packageJSON.version}</em>
-        </li>
-      </ul>
-    </footer>
-  )
-}

apps/dev/nextjs-v4/components/footer.module.css

@@ -1,14 +0,0 @@
-.footer {
-  margin-top: 2rem;
-}
-
-.navItems {
-  margin-bottom: 1rem;
-  padding: 0;
-  list-style: none;
-}
-
-.navItem {
-  display: inline-block;
-  margin-right: 1rem;
-}

apps/dev/nextjs-v4/components/header.js

@@ -1,103 +0,0 @@
-import Link from "next/link"
-import { signIn, signOut, useSession } from "next-auth/react"
-import styles from "./header.module.css"
-
-// The approach used in this component shows how to built a sign in and sign out
-// component that works on pages which support both client and server side
-// rendering, and avoids any flash incorrect content on initial page load.
-export default function Header() {
-  const { data: session, status } = useSession()
-
-  return (
-    <header>
-      <noscript>
-        <style>{".nojs-show { opacity: 1; top: 0; }"}</style>
-      </noscript>
-      <div className={styles.signedInStatus}>
-        <p
-          className={`nojs-show ${
-            !session && status === "loading" ? styles.loading : styles.loaded
-          }`}
-        >
-          {!session && (
-            <>
-              <span className={styles.notSignedInText}>
-                You are not signed in
-              </span>
-              <a
-                href="/api/auth/signin"
-                className={styles.buttonPrimary}
-                onClick={(e) => {
-                  e.preventDefault()
-                  signIn()
-                }}
-              >
-                Sign in
-              </a>
-            </>
-          )}
-          {session && (
-            <>
-              {session.user.image && (
-                <img src={session.user.image} className={styles.avatar} />
-              )}
-              <span className={styles.signedInText}>
-                <small>Signed in as</small>
-                <br />
-                <strong>{session.user.email} </strong>
-                {session.user.name ? `(${session.user.name})` : null}
-              </span>
-              <a
-                href="/api/auth/signout"
-                className={styles.button}
-                onClick={(e) => {
-                  e.preventDefault()
-                  signOut()
-                }}
-              >
-                Sign out
-              </a>
-            </>
-          )}
-        </p>
-      </div>
-      <nav>
-        <ul className={styles.navItems}>
-          <li className={styles.navItem}>
-            <Link href="/">Home</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/client">Client</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/server">Server</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/protected">Protected</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/protected-ssr">Protected(SSR)</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/api-example">API</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/credentials">Credentials</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/email">Email</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/middleware-protected">Middleware protected</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/supabase-client-rls">Supabase RLS</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/supabase-ssr">Supabase RLS(SSR)</Link>
-          </li>
-        </ul>
-      </nav>
-    </header>
-  )
-}

apps/dev/nextjs-v4/components/header.module.css

@@ -1,92 +0,0 @@
-/* Set min-height to avoid page reflow while session loading */
-.signedInStatus {
-  display: block;
-  min-height: 4rem;
-  width: 100%;
-}
-
-.loading,
-.loaded {
-  position: relative;
-  top: 0;
-  opacity: 1;
-  overflow: hidden;
-  border-radius: 0 0 .6rem .6rem;
-  padding: .6rem 1rem;
-  margin: 0;
-  background-color: rgba(0,0,0,.05);
-  transition: all 0.2s ease-in;
-}
-
-.loading {
-  top: -2rem;
-  opacity: 0;
-}
-
-.signedInText,
-.notSignedInText {
-  position: absolute;
-  padding-top: .8rem;
-  left: 1rem;
-  right: 6.5rem;
-  white-space: nowrap;
-  text-overflow: ellipsis;
-  overflow: hidden;
-  display: inherit;  
-  z-index: 1;
-  line-height: 1.3rem;
-}
-
-.signedInText {
-  padding-top: 0rem;
-  left: 4.6rem;
-}
-
-.avatar {
-  border-radius: 2rem;
-  float: left;
-  height: 2.8rem;
-  width: 2.8rem;
-  background-color: white;
-  background-size: cover;
-  background-repeat: no-repeat;
-}
-
-.button,
-.buttonPrimary {
-  float: right;
-  margin-right: -.4rem;
-  font-weight: 500;
-  border-radius: .3rem;
-  cursor: pointer;
-  font-size: 1rem;
-  line-height: 1.4rem;
-  padding: .7rem .8rem;
-  position: relative;
-  z-index: 10;
-  background-color: transparent;
-  color: #555;
-}
-
-.buttonPrimary {
-  background-color: #346df1;
-  border-color: #346df1;
-  color: #fff;
-  text-decoration: none;
-  padding: .7rem 1.4rem;
-}
-
-.buttonPrimary:hover {
-  box-shadow: inset 0 0 5rem rgba(0,0,0,0.2)
-}
-
-.navItems {
-  margin-bottom: 2rem;
-  padding: 0;
-  list-style: none;
-}
-
-.navItem {
-  display: inline-block;
-  margin-right: 1rem;
-}

apps/dev/nextjs-v4/components/layout.js

@@ -1,14 +0,0 @@
-import Header from 'components/header'
-import Footer from 'components/footer'
-
-export default function Layout ({ children }) {
-  return (
-    <>
-      <Header />
-      <main>
-        {children}
-      </main>
-      <Footer />
-    </>
-  )
-}

apps/dev/nextjs-v4/middleware.ts

@@ -1,45 +0,0 @@
-export { default } from "next-auth/middleware"
-
-export const config = { matcher: ["/middleware-protected"] }
-
-// Other ways to use this middleware
-
-// import withAuth from "next-auth/middleware"
-// import { withAuth } from "next-auth/middleware"
-
-// export function middleware(req, ev) {
-//   return withAuth(req)
-// }
-
-// export function middleware(req, ev) {
-//   return withAuth(req, ev)
-// }
-
-// export function middleware(req, ev) {
-//   return withAuth(req, {
-//     callbacks: {
-//       authorized: ({ token }) => !!token,
-//     },
-//   })
-// }
-
-// export default withAuth(function middleware(req, ev) {
-//   console.log(req.nextauth.token)
-// })
-
-// export default withAuth(
-//   function middleware(req, ev) {
-//     console.log(req, ev)
-//   },
-//   {
-//     callbacks: {
-//       authorized: ({ token }) => token.name === "Balázs Orbán",
-//     },
-//   }
-// )
-
-// export default withAuth({
-//   callbacks: {
-//     authorized: ({ token }) => !!token,
-//   },
-// })

apps/dev/nextjs-v4/next.config.js

@@ -1,9 +0,0 @@
-/** @type {import("next").NextConfig} */
-module.exports = {
-  webpack(config) {
-    config.experiments = { ...config.experiments, topLevelAwait: true }
-    return config
-  },
-  experimental: { appDir: true },
-  typescript: { ignoreBuildErrors: true },
-}

apps/dev/nextjs-v4/package.json

@@ -1,40 +0,0 @@
-{
-  "name": "next-auth-app-v4",
-  "version": "1.0.0",
-  "description": "NextAuth.js Developer app",
-  "private": true,
-  "scripts": {
-    "clean": "rm -rf .next",
-    "dev": "next dev",
-    "lint": "next lint",
-    "build": "next build",
-    "start": "next start",
-    "email": "fake-smtp-server",
-    "start:email": "pnpm email"
-  },
-  "license": "ISC",
-  "dependencies": {
-    "@next-auth/fauna-adapter": "workspace:*",
-    "@auth/prisma-adapter": "workspace:*",
-    "@next-auth/supabase-adapter": "workspace:*",
-    "@auth/typeorm-adapter": "workspace:*",
-    "@prisma/client": "^3",
-    "@supabase/supabase-js": "^2.0.5",
-    "faunadb": "^4",
-    "next": "13.3.0",
-    "next-auth": "workspace:*",
-    "nodemailer": "^6",
-    "react": "^18",
-    "react-dom": "^18"
-  },
-  "devDependencies": {
-    "@types/jsonwebtoken": "^8.5.5",
-    "@types/react": "^18.0.37",
-    "@types/react-dom": "^18.0.6",
-    "fake-smtp-server": "^0.8.0",
-    "pg": "^8.7.3",
-    "prisma": "^3",
-    "sqlite3": "^5.0.8",
-    "typeorm": "0.3.7"
-  }
-}

apps/dev/nextjs-v4/pages/_app.js

@@ -1,10 +0,0 @@
-import { SessionProvider } from "next-auth/react"
-import "./styles.css"
-
-export default function App({ Component, pageProps }) {
-  return (
-    <SessionProvider session={pageProps.session}>
-      <Component {...pageProps} />
-    </SessionProvider>
-  )
-}

apps/dev/nextjs-v4/pages/api-example.js

@@ -1,17 +0,0 @@
-import Layout from '../components/layout'
-
-export default function Page () {
-  return (
-    <Layout>
-      <h1>API Example</h1>
-      <p>The examples below show responses from the example API endpoints.</p>
-      <p><em>You must be signed in to see responses.</em></p>
-      <h2>Session</h2>
-      <p>/api/examples/session</p>
-      <iframe src='/api/examples/session' />
-      <h2>JSON Web Token</h2>
-      <p>/api/examples/jwt</p>
-      <iframe src='/api/examples/jwt' />
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/api/auth-old/[...nextauth].ts

@@ -1,132 +0,0 @@
-import NextAuth, { NextAuthOptions } from "next-auth"
-
-// Providers
-import Apple from "next-auth/providers/apple"
-import Auth0 from "next-auth/providers/auth0"
-import AzureAD from "next-auth/providers/azure-ad"
-import AzureB2C from "next-auth/providers/azure-ad-b2c"
-import BoxyHQSAML from "next-auth/providers/boxyhq-saml"
-// import Cognito from "next-auth/providers/cognito"
-import Credentials from "next-auth/providers/credentials"
-import Discord from "next-auth/providers/discord"
-import DuendeIDS6 from "next-auth/providers/duende-identity-server6"
-// import Email from "next-auth/providers/email"
-import Facebook from "next-auth/providers/facebook"
-import Foursquare from "next-auth/providers/foursquare"
-import Freshbooks from "next-auth/providers/freshbooks"
-import GitHub from "next-auth/providers/github"
-import Gitlab from "next-auth/providers/gitlab"
-import Google from "next-auth/providers/google"
-// import IDS4 from "next-auth/providers/identity-server4"
-import Instagram from "next-auth/providers/instagram"
-// import Keycloak from "next-auth/providers/keycloak"
-import Line from "next-auth/providers/line"
-import LinkedIn from "next-auth/providers/linkedin"
-import Mailchimp from "next-auth/providers/mailchimp"
-// import Okta from "next-auth/providers/okta"
-import Osu from "next-auth/providers/osu"
-import Patreon from "next-auth/providers/patreon"
-import Slack from "next-auth/providers/slack"
-import Spotify from "next-auth/providers/spotify"
-import Trakt from "next-auth/providers/trakt"
-import Twitch from "next-auth/providers/twitch"
-import Twitter from "next-auth/providers/twitter"
-import Vk from "next-auth/providers/vk"
-import Wikimedia from "next-auth/providers/wikimedia"
-import WorkOS from "next-auth/providers/workos"
-
-// // Prisma
-// import { PrismaClient } from "@prisma/client"
-// import { PrismaAdapter } from "@auth/prisma-adapter"
-// const client = globalThis.prisma || new PrismaClient()
-// if (process.env.NODE_ENV !== "production") globalThis.prisma = client
-// const adapter = PrismaAdapter(client)
-
-// // Fauna
-// import { Client as FaunaClient } from "faunadb"
-// import { FaunaAdapter } from "@next-auth/fauna-adapter"
-// const opts = { secret: process.env.FAUNA_SECRET, domain: process.env.FAUNA_DOMAIN }
-// const client = globalThis.fauna || new FaunaClient(opts)
-// if (process.env.NODE_ENV !== "production") globalThis.fauna = client
-// const adapter = FaunaAdapter(client)
-
-// // TypeORM
-// import { TypeORMAdapter } from "@auth/typeorm-adapter"
-// const adapter = TypeORMAdapter({
-//   type: "sqlite",
-//   name: "next-auth-test-memory",
-//   database: "./typeorm/dev.db",
-//   synchronize: true,
-// })
-
-// // Supabase
-// import { SupabaseAdapter } from "@next-auth/supabase-adapter"
-// const adapter = SupabaseAdapter({
-//   url: process.env.NEXT_PUBLIC_SUPABASE_URL,
-//   secret: process.env.SUPABASE_SERVICE_ROLE_KEY,
-// })
-
-export const authOptions: NextAuthOptions = {
-  // adapter,
-  // debug: process.env.NODE_ENV !== "production",
-  theme: {
-    logo: "https://next-auth.js.org/img/logo/logo-sm.png",
-    brandColor: "#1786fb",
-  },
-  providers: [
-    Credentials({
-      credentials: { password: { label: "Password", type: "password" } },
-      async authorize(credentials) {
-        if (credentials.password !== "pw") return null
-        return { name: "Fill Murray", email: "bill@fillmurray.com", image: "https://www.fillmurray.com/64/64", id: "1", foo: "" }
-      },
-    }),
-    Apple({ clientId: process.env.APPLE_ID, clientSecret: process.env.APPLE_SECRET }),
-    Auth0({ clientId: process.env.AUTH0_ID, clientSecret: process.env.AUTH0_SECRET, issuer: process.env.AUTH0_ISSUER }),
-    AzureAD({
-      clientId: process.env.AZURE_AD_CLIENT_ID,
-      clientSecret: process.env.AZURE_AD_CLIENT_SECRET,
-      tenantId: process.env.AZURE_AD_TENANT_ID,
-    }),
-    AzureB2C({ clientId: process.env.AZURE_B2C_ID, clientSecret: process.env.AZURE_B2C_SECRET, issuer: process.env.AZURE_B2C_ISSUER }),
-    BoxyHQSAML({ issuer: "https://jackson-demo.boxyhq.com", clientId: "tenant=boxyhq.com&product=saml-demo.boxyhq.com", clientSecret: "dummy" }),
-    // Cognito({ clientId: process.env.COGNITO_ID, clientSecret: process.env.COGNITO_SECRET, issuer: process.env.COGNITO_ISSUER }),
-    Discord({ clientId: process.env.DISCORD_ID, clientSecret: process.env.DISCORD_SECRET }),
-    DuendeIDS6({ clientId: "interactive.confidential", clientSecret: "secret", issuer: "https://demo.duendesoftware.com" }),
-    Facebook({ clientId: process.env.FACEBOOK_ID, clientSecret: process.env.FACEBOOK_SECRET }),
-    Foursquare({ clientId: process.env.FOURSQUARE_ID, clientSecret: process.env.FOURSQUARE_SECRET }),
-    Freshbooks({ clientId: process.env.FRESHBOOKS_ID, clientSecret: process.env.FRESHBOOKS_SECRET }),
-    GitHub({ clientId: process.env.GITHUB_ID, clientSecret: process.env.GITHUB_SECRET }),
-    Gitlab({ clientId: process.env.GITLAB_ID, clientSecret: process.env.GITLAB_SECRET }),
-    Google({ clientId: process.env.GOOGLE_ID, clientSecret: process.env.GOOGLE_SECRET }),
-    // IDS4({ clientId: process.env.IDS4_ID, clientSecret: process.env.IDS4_SECRET, issuer: process.env.IDS4_ISSUER }),
-    Instagram({ clientId: process.env.INSTAGRAM_ID, clientSecret: process.env.INSTAGRAM_SECRET }),
-    // Keycloak({ clientId: process.env.KEYCLOAK_ID, clientSecret: process.env.KEYCLOAK_SECRET, issuer: process.env.KEYCLOAK_ISSUER }),
-    Line({ clientId: process.env.LINE_ID, clientSecret: process.env.LINE_SECRET }),
-    LinkedIn({ clientId: process.env.LINKEDIN_ID, clientSecret: process.env.LINKEDIN_SECRET }),
-    Mailchimp({ clientId: process.env.MAILCHIMP_ID, clientSecret: process.env.MAILCHIMP_SECRET }),
-    // Okta({ clientId: process.env.OKTA_ID, clientSecret: process.env.OKTA_SECRET, issuer: process.env.OKTA_ISSUER }),
-    Osu({ clientId: process.env.OSU_CLIENT_ID, clientSecret: process.env.OSU_CLIENT_SECRET }),
-    Patreon({ clientId: process.env.PATREON_ID, clientSecret: process.env.PATREON_SECRET }),
-    Slack({ clientId: process.env.SLACK_ID, clientSecret: process.env.SLACK_SECRET }),
-    Spotify({ clientId: process.env.SPOTIFY_ID, clientSecret: process.env.SPOTIFY_SECRET }),
-    Trakt({ clientId: process.env.TRAKT_ID, clientSecret: process.env.TRAKT_SECRET }),
-    Twitch({ clientId: process.env.TWITCH_ID, clientSecret: process.env.TWITCH_SECRET }),
-    Twitter({ clientId: process.env.TWITTER_ID, clientSecret: process.env.TWITTER_SECRET }),
-    // TwitterLegacy({ clientId: process.env.TWITTER_LEGACY_ID, clientSecret: process.env.TWITTER_LEGACY_SECRET }),
-    Vk({ clientId: process.env.VK_ID, clientSecret: process.env.VK_SECRET }),
-    Wikimedia({ clientId: process.env.WIKIMEDIA_ID, clientSecret: process.env.WIKIMEDIA_SECRET }),
-    WorkOS({ clientId: process.env.WORKOS_ID, clientSecret: process.env.WORKOS_SECRET }),
-  ],
-}
-
-if (authOptions.adapter) {
-  // TODO:
-  // authOptions.providers.unshift(
-  //   // NOTE: You can start a fake e-mail server with `pnpm email`
-  //   // and then go to `http://localhost:1080` in the browser
-  //   Email({ server: "smtp://127.0.0.1:1025?tls.rejectUnauthorized=false" })
-  // )
-}
-
-export default NextAuth(authOptions)

apps/dev/nextjs-v4/pages/api/examples/jwt.js

@@ -1,7 +0,0 @@
-// This is an example of how to read a JSON Web Token from an API route
-import { getToken } from "next-auth/jwt"
-
-export default async (req, res) => {
-  const token = await getToken({ req })
-  res.send(JSON.stringify(token, null, 2))
-}

apps/dev/nextjs-v4/pages/api/examples/protected.js

@@ -1,19 +0,0 @@
-// This is an example of to protect an API route
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "../auth/[...nextauth]"
-
-export default async (req, res) => {
-  const session = await getServerSession(req, res, authOptions)
-
-  if (session) {
-    res.send({
-      content:
-        "This is protected content. You can access this content because you are signed in.",
-      session,
-    })
-  } else {
-    res.send({
-      error: "You must be sign in to view the protected content on this page.",
-    })
-  }
-}

apps/dev/nextjs-v4/pages/api/examples/session.js

@@ -1,8 +0,0 @@
-// This is an example of how to access a session from an API route
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "../auth/[...nextauth]"
-
-export default async (req, res) => {
-  const session = await getServerSession(req, res, authOptions)
-  res.json(session)
-}

apps/dev/nextjs-v4/pages/api/examples/supabase-rls.js

@@ -1,30 +0,0 @@
-// This is an example of how to query data from Supabase with RLS.
-// Learn more about Row Levele Security (RLS): https://supabase.com/docs/guides/auth/row-level-security
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "../auth/[...nextauth]"
-import { createClient } from "@supabase/supabase-js"
-
-export default async (req, res) => {
-  const session = await getServerSession(req, res, authOptions)
-
-  if (!session)
-    return res.send(JSON.stringify({ error: "No session!" }, null, 2))
-
-  const { supabaseAccessToken } = session
-
-  const supabase = createClient(
-    process.env.NEXT_PUBLIC_SUPABASE_URL,
-    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
-    {
-      global: {
-        headers: {
-          Authorization: `Bearer ${supabaseAccessToken}`,
-        },
-      },
-    }
-  )
-  // Now you can query with RLS enabled.
-  const { data, error } = await supabase.from("users").select("*")
-
-  res.send(JSON.stringify({ supabaseAccessToken, data, error }, null, 2))
-}

apps/dev/nextjs-v4/pages/client.js

@@ -1,22 +0,0 @@
-import Layout from '../components/layout'
-
-export default function Page () {
-  return (
-    <Layout>
-      <h1>Client Side Rendering</h1>
-      <p>
-        This page uses the <strong>useSession()</strong> React Hook in the <strong>&lt;/Header&gt;</strong> component.
-      </p>
-      <p>
-        The <strong>useSession()</strong> React Hook easy to use and allows pages to render very quickly.
-      </p>
-      <p>
-        The advantage of this approach is that session state is shared between pages by using the <strong>Provider</strong> in <strong>_app.js</strong> so
-        that navigation between pages using <strong>useSession()</strong> is very fast.
-      </p>
-      <p>
-        The disadvantage of <strong>useSession()</strong> is that it requires client side JavaScript.
-      </p>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/credentials.js

@@ -1,67 +0,0 @@
-// eslint-disable-next-line no-use-before-define
-import * as React from "react"
-import { signIn, signOut, useSession } from "next-auth/react"
-import Layout from "components/layout"
-
-export default function Page() {
-  const [response, setResponse] = React.useState(null)
-  const handleLogin = (options) => async () => {
-    if (options.redirect) {
-      return signIn("credentials", options)
-    }
-    const response = await signIn("credentials", options)
-    setResponse(response)
-  }
-
-  const handleLogout = (options) => async () => {
-    if (options.redirect) {
-      return signOut(options)
-    }
-    const response = await signOut(options)
-    setResponse(response)
-  }
-
-  const { data: session } = useSession()
-
-  if (session) {
-    return (
-      <Layout>
-        <h1>Test different flows for Credentials logout</h1>
-        <span className="spacing">Default:</span>
-        <button onClick={handleLogout({ redirect: true })}>Logout</button>
-        <br />
-        <span className="spacing">No redirect:</span>
-        <button onClick={handleLogout({ redirect: false })}>Logout</button>
-        <br />
-        <p>Response:</p>
-        <pre style={{ background: "#eee", padding: 16 }}>
-          {JSON.stringify(response, null, 2)}
-        </pre>
-      </Layout>
-    )
-  }
-
-  return (
-    <Layout>
-      <h1>Test different flows for Credentials login</h1>
-      <span className="spacing">Default:</span>
-      <button onClick={handleLogin({ redirect: true, password: "password" })}>
-        Login
-      </button>
-      <br />
-      <span className="spacing">No redirect:</span>
-      <button onClick={handleLogin({ redirect: false, password: "password" })}>
-        Login
-      </button>
-      <br />
-      <span className="spacing">No redirect, wrong password:</span>
-      <button onClick={handleLogin({ redirect: false, password: "" })}>
-        Login
-      </button>
-      <p>Response:</p>
-      <pre style={{ background: "#eee", padding: 16 }}>
-        {JSON.stringify(response, null, 2)}
-      </pre>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/email.js

@@ -1,80 +0,0 @@
-// eslint-disable-next-line no-use-before-define
-import * as React from "react"
-import { signIn, signOut, useSession } from "next-auth/react"
-import Layout from "components/layout"
-
-export default function Page() {
-  const [response, setResponse] = React.useState(null)
-  const [email, setEmail] = React.useState("")
-
-  const handleChange = (event) => {
-    setEmail(event.target.value)
-  }
-
-  const handleLogin = (options) => async (event) => {
-    event.preventDefault()
-
-    if (options.redirect) {
-      return signIn("email", options)
-    }
-    const response = await signIn("email", options)
-    setResponse(response)
-  }
-
-  const handleLogout = (options) => async (event) => {
-    if (options.redirect) {
-      return signOut(options)
-    }
-    const response = await signOut(options)
-    setResponse(response)
-  }
-
-  const { data: session } = useSession()
-
-  if (session) {
-    return (
-      <Layout>
-        <h1>Test different flows for Email logout</h1>
-        <span className="spacing">Default:</span>
-        <button onClick={handleLogout({ redirect: true })}>Logout</button>
-        <br />
-        <span className="spacing">No redirect:</span>
-        <button onClick={handleLogout({ redirect: false })}>Logout</button>
-        <br />
-        <p>Response:</p>
-        <pre style={{ background: "#eee", padding: 16 }}>
-          {JSON.stringify(response, null, 2)}
-        </pre>
-      </Layout>
-    )
-  }
-
-  return (
-    <Layout>
-      <h1>Test different flows for Email login</h1>
-      <label className="spacing">
-        Email address:{" "}
-        <input
-          type="text"
-          id="email"
-          name="email"
-          value={email}
-          onChange={handleChange}
-        />
-      </label>
-      <br />
-      <form onSubmit={handleLogin({ redirect: true, email })}>
-        <span className="spacing">Default:</span>
-        <button type="submit">Sign in with Email</button>
-      </form>
-      <form onSubmit={handleLogin({ redirect: false, email })}>
-        <span className="spacing">No redirect:</span>
-        <button type="submit">Sign in with Email</button>
-      </form>
-      <p>Response:</p>
-      <pre style={{ background: "#eee", padding: 16 }}>
-        {JSON.stringify(response, null, 2)}
-      </pre>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/index.js

@@ -1,12 +0,0 @@
-import Layout from 'components/layout'
-
-export default function Page () {
-  return (
-    <Layout>
-      <h1>NextAuth.js Example</h1>
-      <p>
-        This is an example site to demonstrate how to use <a href='https://next-auth.js.org'>NextAuth.js</a> for authentication.
-      </p>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/middleware-protected/index.js

@@ -1,9 +0,0 @@
-import Layout from "components/layout"
-
-export default function Page() {
-  return (
-    <Layout>
-      <h1>Page protected by Middleware</h1>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/policy.js

@@ -1,30 +0,0 @@
-import Layout from '../components/layout'
-
-export default function Page () {
-  return (
-    <Layout>
-      <p>
-        This is an example site to demonstrate how to use <a href='https://next-auth.js.org'>NextAuth.js</a> for authentication.
-      </p>
-      <h2>Terms of Service</h2>
-      <p>
-        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-        SOFTWARE.
-      </p>
-      <h2>Privacy Policy</h2>
-      <p>
-        This site uses JSON Web Tokens and an in-memory database which resets every ~2 hours.
-      </p>
-      <p>
-        Data provided to this site is exclusively used to support signing in
-        and is not passed to any third party services, other than via SMTP or OAuth for the
-        purposes of authentication.
-      </p>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/protected-ssr.js

@@ -1,48 +0,0 @@
-// This is an example of how to protect content using server rendering
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "./api/auth/[...nextauth]"
-import Layout from "../components/layout"
-import AccessDenied from "../components/access-denied"
-
-export default function Page({ content, session }) {
-  // If no session exists, display access denied message
-  if (!session) {
-    return (
-      <Layout>
-        <AccessDenied />
-      </Layout>
-    )
-  }
-
-  // If session exists, display content
-  return (
-    <Layout>
-      <h1>Protected Page</h1>
-      <p>
-        <strong>{content}</strong>
-      </p>
-    </Layout>
-  )
-}
-
-export async function getServerSideProps(context) {
-  const session = await getServerSession(context.req, context.res, authOptions)
-  let content = null
-
-  if (session) {
-    const hostname = process.env.NEXTAUTH_URL || "http://localhost:3000"
-    const options = { headers: { cookie: context.req.headers.cookie } }
-    const res = await fetch(`${hostname}/api/examples/protected`, options)
-    const json = await res.json()
-    if (json.content) {
-      content = json.content
-    }
-  }
-
-  return {
-    props: {
-      session,
-      content,
-    },
-  }
-}

apps/dev/nextjs-v4/pages/protected.js

@@ -1,35 +0,0 @@
-import { useState, useEffect } from "react"
-import { useSession } from "next-auth/react"
-import Layout from "../components/layout"
-
-export default function Page() {
-  const { status } = useSession({
-    required: true,
-  })
-  const [content, setContent] = useState()
-
-  // Fetch content from protected route
-  useEffect(() => {
-    if (status === "loading") return
-    const fetchData = async () => {
-      const res = await fetch("/api/examples/protected")
-      const json = await res.json()
-      if (json.content) {
-        setContent(json.content)
-      }
-    }
-    fetchData()
-  }, [status])
-
-  if (status === "loading") return <Layout>Loading...</Layout>
-
-  // If session exists, display content
-  return (
-    <Layout>
-      <h1>Protected Page</h1>
-      <p>
-        <strong>{content}</strong>
-      </p>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/server.js

@@ -1,46 +0,0 @@
-import { getServerSession } from "next-auth/next"
-import Layout from "../components/layout"
-import { authOptions } from "./api/auth/[...nextauth]"
-
-export default function Page() {
-  // As this page uses Server Side Rendering, the `session` will be already
-  // populated on render without needing to go through a loading stage.
-  // This is possible because of the shared context configured in `_app.js` that
-  // is used by `useSession()`.
-
-  return (
-    <Layout>
-      <h1>Server Side Rendering</h1>
-      <p>
-        This page uses the <strong>getServerSession()</strong> method in{" "}
-        <strong>getServerSideProps()</strong>.
-      </p>
-      <p>
-        Using <strong>getServerSession()</strong> in{" "}
-        <strong>getServerSideProps()</strong> is currently the recommended
-        approach, although the API may still change, if you need to support
-        Server Side Rendering with authentication.
-      </p>
-      <p>
-        Using <strong>getSession()</strong> is still recommended on the client.
-      </p>
-      <p>
-        The advantage of Server Side Rendering is this page does not require
-        client side JavaScript.
-      </p>
-      <p>
-        The disadvantage of Server Side Rendering is that this page is slower to
-        render.
-      </p>
-    </Layout>
-  )
-}
-
-// Export the `session` prop to use sessions with Server Side Rendering
-export async function getServerSideProps(context) {
-  return {
-    props: {
-      session: await getServerSession(context.req, context.res, authOptions),
-    },
-  }
-}

apps/dev/nextjs-v4/pages/styles.css

@@ -1,32 +0,0 @@
-body {
-  font-family: ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont,
-    "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif,
-    "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";
-  padding: 0 1rem 1rem 1rem;
-  max-width: 680px;
-  margin: 0 auto;
-  background: #fff;
-  color: var(--color-text);
-}
-
-li,
-p {
-  line-height: 1.5rem;
-}
-
-a {
-  font-weight: 500;
-}
-
-hr {
-  border: 1px solid #ddd;
-}
-
-iframe {
-  background: #ccc;
-  border: 1px solid #ccc;
-  height: 10rem;
-  width: 100%;
-  border-radius: .5rem;
-  filter: invert(1);
-}

apps/dev/nextjs-v4/pages/supabase-client-rls.js

@@ -1,49 +0,0 @@
-import Layout from "../components/layout"
-import { useState, useEffect } from "react"
-import { useSession } from "next-auth/react"
-import { createClient } from "@supabase/supabase-js"
-
-export default function Page() {
-  const { data: session } = useSession()
-  const [data, setData] = useState(null)
-
-  useEffect(() => {
-    if (session) {
-      console.log(session)
-      // User is logged in, let's fetch their data.
-      const { supabaseAccessToken } = session
-      const supabase = createClient(
-        process.env.NEXT_PUBLIC_SUPABASE_URL,
-        process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
-        {
-          global: {
-            headers: { Authorization: `Bearer ${supabaseAccessToken}` },
-          },
-        }
-      )
-      // Fetch data with RLS enabled.
-      supabase
-        .from("users")
-        .select("*")
-        .then(({ data }) => setData(data))
-    }
-  }, [session])
-
-  return (
-    <Layout>
-      <h1>Fetch Data from Supabase with RLS</h1>
-      <h2>Client-side data fetching with RLS:</h2>
-      <pre>{JSON.stringify(data, null, 2)}</pre>
-      <h2>API Example</h2>
-      <p>
-        You can also use Supabase in API routes. See the code in the
-        `/pages/api/examples/supabase-rls.js` file.
-      </p>
-      <p>
-        <em>You must be signed in to see responses.</em>
-      </p>
-      <p>/api/examples/supabase-rls</p>
-      <iframe src="/api/examples/supabase-rls" />
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/supabase-ssr.js

@@ -1,64 +0,0 @@
-// This is an example of how to protect content using server rendering
-// and fetching data from Supabase with RLS enabled.
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "./api/auth/[...nextauth]"
-import { createClient } from "@supabase/supabase-js"
-import Layout from "../components/layout"
-import AccessDenied from "../components/access-denied"
-
-export default function Page({ data, session }) {
-  // If no session exists, display access denied message
-  if (!session) {
-    return (
-      <Layout>
-        <AccessDenied />
-      </Layout>
-    )
-  }
-
-  // If session exists, display content
-  return (
-    <Layout>
-      <h1>Protected Page</h1>
-      <p>Data fetched during SSR from Supabase with RSL enabled:</p>
-      <pre>{JSON.stringify(data, null, 2)}</pre>
-    </Layout>
-  )
-}
-
-export async function getServerSideProps(context) {
-  const session = await getServerSession(context.req, context.res, authOptions)
-
-  if (!session)
-    return {
-      props: {
-        session,
-        data: null,
-        error: "No session",
-      },
-    }
-
-  const { supabaseAccessToken } = session
-
-  const supabase = createClient(
-    process.env.NEXT_PUBLIC_SUPABASE_URL,
-    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
-    {
-      global: {
-        headers: {
-          Authorization: `Bearer ${supabaseAccessToken}`,
-        },
-      },
-    }
-  )
-  // Now you can query with RLS enabled.
-  const { data, error } = await supabase.from("users").select("*")
-
-  return {
-    props: {
-      session,
-      data,
-      error,
-    },
-  }
-}

apps/dev/nextjs-v4/prisma/migrations/20230325081057_test/migration.sql

@@ -1,60 +0,0 @@
--- CreateTable
-CREATE TABLE "Account" (
-    "id" TEXT NOT NULL PRIMARY KEY,
-    "userId" TEXT NOT NULL,
-    "type" TEXT NOT NULL,
-    "provider" TEXT NOT NULL,
-    "providerAccountId" TEXT NOT NULL,
-    "refresh_token" TEXT,
-    "access_token" TEXT,
-    "expires_at" INTEGER,
-    "token_type" TEXT,
-    "scope" TEXT,
-    "id_token" TEXT,
-    "session_state" TEXT,
-    "oauth_token_secret" TEXT,
-    "oauth_token" TEXT,
-    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    "updatedAt" DATETIME NOT NULL,
-    CONSTRAINT "Account_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
-);
-
--- CreateTable
-CREATE TABLE "Session" (
-    "id" TEXT NOT NULL PRIMARY KEY,
-    "sessionToken" TEXT NOT NULL,
-    "userId" TEXT NOT NULL,
-    "expires" DATETIME NOT NULL,
-    CONSTRAINT "Session_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
-);
-
--- CreateTable
-CREATE TABLE "User" (
-    "id" TEXT NOT NULL PRIMARY KEY,
-    "name" TEXT,
-    "email" TEXT,
-    "emailVerified" DATETIME,
-    "image" TEXT
-);
-
--- CreateTable
-CREATE TABLE "VerificationToken" (
-    "identifier" TEXT NOT NULL,
-    "token" TEXT NOT NULL,
-    "expires" DATETIME NOT NULL
-);
-
--- CreateIndex
-CREATE UNIQUE INDEX "Account_provider_providerAccountId_key" ON "Account"("provider", "providerAccountId");
-
--- CreateIndex
-CREATE UNIQUE INDEX "Session_sessionToken_key" ON "Session"("sessionToken");
-
--- CreateIndex
-CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
-
--- CreateIndex
-CREATE UNIQUE INDEX "VerificationToken_token_key" ON "VerificationToken"("token");
-
--- CreateIndex
-CREATE UNIQUE INDEX "VerificationToken_identifier_token_key" ON "VerificationToken"("identifier", "token");

apps/dev/nextjs-v4/prisma/migrations/migration_lock.toml

@@ -1,3 +0,0 @@
-# Please do not edit this file manually
-# It should be added in your version-control system (i.e. Git)
-provider = "sqlite"

apps/dev/nextjs-v4/prisma/schema.prisma

@@ -1,57 +0,0 @@
-datasource db {
-  provider = "sqlite"
-  url      = "file:./dev.db"
-}
-
-generator client {
-  provider = "prisma-client-js"
-}
-
-model Account {
-  id                 String  @id @default(cuid())
-  userId             String
-  type               String
-  provider           String
-  providerAccountId  String
-  refresh_token      String?
-  access_token       String?
-  expires_at         Int?
-  token_type         String?
-  scope              String?
-  id_token           String?
-  session_state      String?
-  oauth_token_secret String?
-  oauth_token        String?
-
-  createdAt DateTime @default(now())
-  updatedAt DateTime @updatedAt
-  user      User     @relation(fields: [userId], references: [id])
-
-  @@unique([provider, providerAccountId])
-}
-
-model Session {
-  id           String   @id @default(cuid())
-  sessionToken String   @unique
-  userId       String
-  expires      DateTime
-  user         User     @relation(fields: [userId], references: [id])
-}
-
-model User {
-  id            String    @id @default(cuid())
-  name          String?
-  email         String?   @unique
-  emailVerified DateTime?
-  image         String?
-  accounts      Account[]
-  sessions      Session[]
-}
-
-model VerificationToken {
-  identifier String
-  token      String   @unique
-  expires    DateTime
-
-  @@unique([identifier, token])
-}

apps/dev/nextjs-v4/types/nextauth.d.ts

@@ -1,20 +0,0 @@
-// eslint-disable-next-line @typescript-eslint/no-unused-vars
-import NextAuth from "next-auth"
-
-declare module "next-auth" {
-  /**
-   * Returned by `useSession`, `getSession` and received as a prop on the `SessionProvider` React Context
-   */
-  interface Session {
-    // A JWT which can be used as Authorization header with supabase-js for RLS.
-    supabaseAccessToken?: string
-    user: {
-      /** The user's postal address. */
-      address: string
-    } & User
-  }
-
-  interface User {
-    foo: string
-  }
-}

apps/dev/nextjs/.env.local.example

@@ -52,10 +52,6 @@ TWITTER_SECRET=
 WIKIMEDIA_ID=
 WIKIMEDIA_SECRET=
 
-# Yandex OAuth. new app -> https://oauth.yandex.com/client/new/id
-YANDEX_ID=
-YANDEX_SECRET=
-
 # Example configuration for a Gmail account (will need SMTP enabled)
 EMAIL_SERVER=smtps://user@gmail.com:password@smtp.gmail.com:465
 EMAIL_FROM=user@gmail.com

apps/dev/nextjs/next-env.d.ts

@@ -1,6 +1,5 @@
 /// <reference types="next" />
 /// <reference types="next/image-types/global" />
-/// <reference types="next/navigation-types/compat/navigation" />
 
 // NOTE: This file should not be edited
 // see https://nextjs.org/docs/basic-features/typescript for more information.

apps/dev/nextjs/package.json

@@ -16,13 +16,13 @@
   "dependencies": {
     "@auth/core": "workspace:*",
     "@next-auth/fauna-adapter": "workspace:*",
-    "@auth/prisma-adapter": "workspace:*",
+    "@next-auth/prisma-adapter": "workspace:*",
     "@next-auth/supabase-adapter": "workspace:*",
-    "@auth/typeorm-adapter": "workspace:*",
+    "@next-auth/typeorm-legacy-adapter": "workspace:*",
     "@prisma/client": "^3",
     "@supabase/supabase-js": "^2.0.5",
     "faunadb": "^4",
-    "next": "13.3.0",
+    "next": "13.1.1",
     "next-auth": "workspace:*",
     "nodemailer": "^6",
     "react": "^18",
@@ -31,7 +31,7 @@
   "devDependencies": {
     "@playwright/test": "1.29.2",
     "@types/jsonwebtoken": "^8.5.5",
-    "@types/react": "18.0.37",
+    "@types/react": "^18.0.15",
     "@types/react-dom": "^18.0.6",
     "dotenv": "^16.0.3",
     "fake-smtp-server": "^0.8.0",

apps/dev/nextjs/pages/api/auth/[...nextauth].ts

@@ -34,14 +34,13 @@ import Spotify from "@auth/core/providers/spotify"
 import Trakt from "@auth/core/providers/trakt"
 import Twitch from "@auth/core/providers/twitch"
 import Twitter from "@auth/core/providers/twitter"
-import Yandex from "@auth/core/providers/yandex"
 import Vk from "@auth/core/providers/vk"
 import Wikimedia from "@auth/core/providers/wikimedia"
 import WorkOS from "@auth/core/providers/workos"
 
 // // Prisma
 // import { PrismaClient } from "@prisma/client"
-// import { PrismaAdapter } from "@auth/prisma-adapter"
+// import { PrismaAdapter } from "@next-auth/prisma-adapter"
 // const client = globalThis.prisma || new PrismaClient()
 // if (process.env.NODE_ENV !== "production") globalThis.prisma = client
 // const adapter = PrismaAdapter(client)
@@ -55,8 +54,8 @@ import WorkOS from "@auth/core/providers/workos"
 // const adapter = FaunaAdapter(client)
 
 // // TypeORM
-// import { TypeORMAdapter } from "@auth/typeorm-adapter"
-// const adapter = TypeORMAdapter({
+// import { TypeORMLegacyAdapter } from "@next-auth/typeorm-legacy-adapter"
+// const adapter = TypeORMLegacyAdapter({
 //   type: "sqlite",
 //   name: "next-auth-test-memory",
 //   database: "./typeorm/dev.db",
@@ -102,7 +101,7 @@ export const authConfig: AuthConfig = {
     Facebook({ clientId: process.env.FACEBOOK_ID, clientSecret: process.env.FACEBOOK_SECRET }),
     Foursquare({ clientId: process.env.FOURSQUARE_ID, clientSecret: process.env.FOURSQUARE_SECRET }),
     Freshbooks({ clientId: process.env.FRESHBOOKS_ID, clientSecret: process.env.FRESHBOOKS_SECRET }),
-    GitHub({ clientId: process.env.GITHUB_ID, clientSecret: process.env.GITHUB_SECRET, redirectProxy: process.env.AUTH_REDIRECT_PROXY_URL }),
+    GitHub({ clientId: process.env.GITHUB_ID, clientSecret: process.env.GITHUB_SECRET }),
     Gitlab({ clientId: process.env.GITLAB_ID, clientSecret: process.env.GITLAB_SECRET }),
     Google({ clientId: process.env.GOOGLE_ID, clientSecret: process.env.GOOGLE_SECRET }),
     // IDS4({ clientId: process.env.IDS4_ID, clientSecret: process.env.IDS4_SECRET, issuer: process.env.IDS4_ISSUER }),
@@ -121,7 +120,6 @@ export const authConfig: AuthConfig = {
     Twitch({ clientId: process.env.TWITCH_ID, clientSecret: process.env.TWITCH_SECRET }),
     Twitter({ clientId: process.env.TWITTER_ID, clientSecret: process.env.TWITTER_SECRET }),
     // TwitterLegacy({ clientId: process.env.TWITTER_LEGACY_ID, clientSecret: process.env.TWITTER_LEGACY_SECRET }),
-    Yandex({ clientId: process.env.YANDEX_ID, clientSecret: process.env.YANDEX_SECRET }),
     Vk({ clientId: process.env.VK_ID, clientSecret: process.env.VK_SECRET }),
     Wikimedia({ clientId: process.env.WIKIMEDIA_ID, clientSecret: process.env.WIKIMEDIA_SECRET }),
     WorkOS({ clientId: process.env.WORKOS_ID, clientSecret: process.env.WORKOS_SECRET }),

apps/dev/nextjs/tsconfig.json

@@ -1,11 +1,7 @@
 {
   "compilerOptions": {
     "target": "esnext",
-    "lib": [
-      "dom",
-      "dom.iterable",
-      "esnext"
-    ],
+    "lib": ["dom", "dom.iterable", "esnext"],
     "allowJs": true,
     "skipLibCheck": true,
     "strict": false,
@@ -23,17 +19,8 @@
       {
         "name": "next"
       }
-    ],
-    "strictNullChecks": true
+    ]
   },
-  "include": [
-    "next-env.d.ts",
-    "**/*.ts",
-    "**/*.tsx",
-    ".next/types/**/*.ts"
-  ],
-  "exclude": [
-    "node_modules",
-    "jest.config.js"
-  ]
-}
+  "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", ".next/types/**/*.ts"],
+  "exclude": ["node_modules", "jest.config.js"]
+}

apps/examples/nextjs/.env.local.example

@@ -1,6 +1,10 @@
 NEXTAUTH_URL=http://localhost:3000
 NEXTAUTH_SECRET= # Linux: `openssl rand -hex 32` or go to https://generate-secret.now.sh/32
 
+APPLE_ID=
+APPLE_TEAM_ID=
+APPLE_PRIVATE_KEY=
+APPLE_KEY_ID=
 
 AUTH0_ID=
 AUTH0_SECRET=
@@ -17,3 +21,8 @@ GOOGLE_SECRET=
 
 TWITTER_ID=
 TWITTER_SECRET=
+
+EMAIL_SERVER=smtp://username:password@smtp.example.com:587
+EMAIL_FROM=NextAuth <noreply@example.com>
+
+DATABASE_URL=sqlite://localhost/:memory:?synchronize=true

apps/examples/nextjs/next.config.js

@@ -1,4 +0,0 @@
-/** @type {import("next").NextConfig} */
-module.exports = {
-  reactStrictMode: true,
-}

apps/examples/nextjs/package.json

@@ -20,12 +20,13 @@
   "dependencies": {
     "next": "latest",
     "next-auth": "latest",
+    "nodemailer": "^6",
     "react": "^18.2.0",
     "react-dom": "^18.2.0"
   },
   "devDependencies": {
-    "@types/node": "^18.16.2",
-    "@types/react": "^18.2.0",
-    "typescript": "^5.0.4"
+    "@types/node": "^17",
+    "@types/react": "^18.0.15",
+    "typescript": "^4"
   }
 }

apps/examples/nextjs/pages/admin.tsx

@@ -7,7 +7,7 @@ export default function Page() {
       <p>Only admin users can see this page.</p>
       <p>
         To learn more about the NextAuth middleware see&nbsp;
-        <a href="https://next-auth.js.org/configuration/nextjs#middleware">
+        <a href="https://docs-git-misc-docs-nextauthjs.vercel.app/configuration/nextjs#middleware">
           the docs
         </a>
         .

apps/examples/nextjs/pages/api/auth/[...nextauth].ts

@@ -4,17 +4,31 @@ import FacebookProvider from "next-auth/providers/facebook"
 import GithubProvider from "next-auth/providers/github"
 import TwitterProvider from "next-auth/providers/twitter"
 import Auth0Provider from "next-auth/providers/auth0"
+// import AppleProvider from "next-auth/providers/apple"
+// import EmailProvider from "next-auth/providers/email"
 
 // For more information on each option (and a full list of options) go to
 // https://next-auth.js.org/configuration/options
 export const authOptions: NextAuthOptions = {
   // https://next-auth.js.org/configuration/providers/oauth
   providers: [
-    Auth0Provider({
-      clientId: process.env.AUTH0_ID,
-      clientSecret: process.env.AUTH0_SECRET,
-      issuer: process.env.AUTH0_ISSUER,
+    /* EmailProvider({
+         server: process.env.EMAIL_SERVER,
+         from: process.env.EMAIL_FROM,
+       }),
+    // Temporarily removing the Apple provider from the demo site as the
+    // callback URL for it needs updating due to Vercel changing domains
+
+    Providers.Apple({
+      clientId: process.env.APPLE_ID,
+      clientSecret: {
+        appleId: process.env.APPLE_ID,
+        teamId: process.env.APPLE_TEAM_ID,
+        privateKey: process.env.APPLE_PRIVATE_KEY,
+        keyId: process.env.APPLE_KEY_ID,
+      },
     }),
+    */
     FacebookProvider({
       clientId: process.env.FACEBOOK_ID,
       clientSecret: process.env.FACEBOOK_SECRET,
@@ -30,9 +44,16 @@ export const authOptions: NextAuthOptions = {
     TwitterProvider({
       clientId: process.env.TWITTER_ID,
       clientSecret: process.env.TWITTER_SECRET,
-      version: "2.0",
+    }),
+    Auth0Provider({
+      clientId: process.env.AUTH0_ID,
+      clientSecret: process.env.AUTH0_SECRET,
+      issuer: process.env.AUTH0_ISSUER,
     }),
   ],
+  theme: {
+    colorScheme: "light",
+  },
   callbacks: {
     async jwt({ token }) {
       token.userRole = "admin"

apps/examples/nextjs/pages/api/examples/protected.ts

@@ -1,5 +1,5 @@
 // This is an example of to protect an API route
-import { getServerSession } from "next-auth/next"
+import { unstable_getServerSession } from "next-auth/next"
 import { authOptions } from "../auth/[...nextauth]"
 
 import type { NextApiRequest, NextApiResponse } from "next"
@@ -8,7 +8,7 @@ export default async function handler(
   req: NextApiRequest,
   res: NextApiResponse
 ) {
-  const session = await getServerSession(req, res, authOptions)
+  const session = await unstable_getServerSession(req, res, authOptions)
 
   if (session) {
     return res.send({

apps/examples/nextjs/pages/api/examples/session.ts

@@ -1,5 +1,5 @@
 // This is an example of how to access a session from an API route
-import { getServerSession } from "next-auth"
+import { unstable_getServerSession } from "next-auth"
 import { authOptions } from "../auth/[...nextauth]"
 
 import type { NextApiRequest, NextApiResponse } from "next"
@@ -8,6 +8,6 @@ export default async function handler(
   req: NextApiRequest,
   res: NextApiResponse
 ) {
-  const session = await getServerSession(req, res, authOptions)
+  const session = await unstable_getServerSession(req, res, authOptions)
   res.send(JSON.stringify(session, null, 2))
 }

apps/examples/nextjs/pages/server.tsx

@@ -1,4 +1,4 @@
-import { getServerSession } from "next-auth/next"
+import { unstable_getServerSession } from "next-auth/next"
 import { authOptions } from "./api/auth/[...nextauth]"
 import Layout from "../components/layout"
 
@@ -13,11 +13,11 @@ export default function ServerSidePage() {
     <Layout>
       <h1>Server Side Rendering</h1>
       <p>
-        This page uses the <strong>getServerSession()</strong> method in{" "}
-        <strong>getServerSideProps()</strong>.
+        This page uses the <strong>unstable_getServerSession()</strong> method
+        in <strong>getServerSideProps()</strong>.
       </p>
       <p>
-        Using <strong>getServerSession()</strong> in{" "}
+        Using <strong>unstable_getServerSession()</strong> in{" "}
         <strong>getServerSideProps()</strong> is the recommended approach if you
         need to support Server Side Rendering with authentication.
       </p>
@@ -38,7 +38,11 @@ export default function ServerSidePage() {
 export async function getServerSideProps(context: GetServerSidePropsContext) {
   return {
     props: {
-      session: await getServerSession(context.req, context.res, authOptions),
+      session: await unstable_getServerSession(
+        context.req,
+        context.res,
+        authOptions
+      ),
     },
   }
 }

apps/playgrounds/gatsby/package.json

@@ -10,13 +10,13 @@
     "clean": "gatsby clean"
   },
   "dependencies": {
-    "dotenv": "16.0.0",
-    "gatsby": "5.8.0-next.3",
+    "dotenv": "^16.0.0",
+    "gatsby": "next",
     "next-auth": "workspace:*",
-    "react": "18.2.0",
-    "react-dom": "18.2.0"
+    "react": "^18",
+    "react-dom": "^18"
   },
   "devDependencies": {
-    "vercel": "23.1.2"
+    "vercel": "^23.1.2"
   }
 }

apps/playgrounds/nuxt/composables/useSession.ts

@@ -1,4 +1,4 @@
-import { Session } from "@auth/core/types"
+import { Session } from "@auth/core"
 
 export default function useSession() {
   return useState<Session | null>("session", () => null)

apps/playgrounds/nuxt/lib/auth/client.ts

@@ -43,7 +43,7 @@ export async function signIn<
 
   // TODO: Handle custom base path
   // TODO: Remove this since Sveltekit offers the CSRF protection via origin check
-  const { csrfToken } = await $fetch<{ csrfToken: string }>("/api/auth/csrf")
+  const { csrfToken } = await $fetch("/api/auth/csrf")
 
   console.log(_signInUrl)
 

apps/playgrounds/nuxt/lib/auth/server.ts

@@ -1,14 +1,13 @@
-import { AuthConfig, Session } from "@auth/core/types"
-import { Auth } from "@auth/core"
+import { AuthHandler, AuthOptions, Session } from "@auth/core"
 import { fromNodeMiddleware, H3Event } from "h3"
 import getURL from "requrl"
 import { createMiddleware } from "@hattip/adapter-node"
 
-export function NuxtAuthHandler(options: AuthConfig) {
+export function NuxtAuthHandler(options: AuthOptions) {
   async function handler(ctx: { request: Request }) {
     options.trustHost ??= true
 
-    return Auth(ctx.request, options)
+    return AuthHandler(ctx.request, options)
   }
 
   const middleware = createMiddleware(handler)
@@ -18,7 +17,7 @@ export function NuxtAuthHandler(options: AuthConfig) {
 
 export async function getSession(
   event: H3Event,
-  options: AuthConfig
+  options: AuthOptions
 ): Promise<Session | null> {
   options.trustHost ??= true
 
@@ -31,7 +30,7 @@ export async function getSession(
     nodeHeaders.append(key, headers[key] as any)
   })
 
-  const response = await Auth(
+  const response = await AuthHandler(
     new Request(url, { headers: nodeHeaders }),
     options
   )

apps/playgrounds/nuxt/package.json

@@ -1,21 +1,21 @@
 {
-  "name": "next-auth-nuxt",
+  "name": "playground-nuxt",
   "private": true,
   "scripts": {
-    "build": "nuxt build",
-    "dev": "nuxt prepare && nuxt dev",
+    "build": "nuxt prepare && nuxt build",
+    "dev": "nuxt prepare &&  export NODE_OPTIONS='--no-experimental-fetch' && nuxt dev",
     "generate": "nuxt generate",
     "preview": "nuxt preview"
   },
   "devDependencies": {
     "@nuxt/eslint-config": "^0.1.1",
     "eslint": "^8.29.0",
-    "h3": "1.6.6",
-    "nuxt": "3.5.1"
+    "h3": "1.0.2",
+    "nuxt": "3.0.0"
   },
   "dependencies": {
     "@auth/core": "workspace:*",
-    "@hattip/adapter-node": "^0.0.34",
+    "@hattip/adapter-node": "^0.0.22",
     "requrl": "^3.0.2"
   }
 }

apps/playgrounds/nuxt/plugins/auth.ts

@@ -1,4 +1,4 @@
-import { Session } from "@auth/core/types"
+import { Session } from "@auth/core"
 
 export default defineNuxtPlugin(async () => {
   const session = useSession()

apps/playgrounds/nuxt/server/api/auth/[...].ts

@@ -1,10 +1,10 @@
 import { NuxtAuthHandler } from "@/lib/auth/server"
 import GithubProvider from "@auth/core/providers/github"
-import type { AuthConfig } from "@auth/core"
+import type { AuthOptions } from "@auth/core"
 
 const runtimeConfig = useRuntimeConfig()
 
-export const authOptions = {
+export const authOptions: AuthOptions = {
   secret: runtimeConfig.secret,
   providers: [
     GithubProvider({
@@ -12,6 +12,6 @@ export const authOptions = {
       clientSecret: runtimeConfig.github.clientSecret,
     }),
   ],
-} as AuthConfig
+}
 
 export default NuxtAuthHandler(authOptions)

docs/.eslintrc

@@ -0,0 +1,3 @@
+{
+  "extends": "next/core-web-vitals"
+}

docs/README.md

@@ -1,66 +0,0 @@
-<p align="center">
-   <br/>
-   <a href="https://authjs.dev" target="_blank"><img width="150px" src="https://authjs.dev/img/logo/logo-sm.png" /></a>
-   <h3 align="center">Auth.js</h3>
-   <p align="center">Authentication for Next.js</p>
-   <p align="center">
-   Open Source. Full Stack. Own Your Data.
-   </p>
-   <p align="center" style="align: center;">
-      <a href="https://github.com/nextauthjs/next-auth/actions/workflows/release.yml?query=workflow%3ARelease">
-        <img src="https://github.com/nextauthjs/next-auth/actions/workflows/release.yml/badge.svg" alt="Release" />
-      </a>
-      <a href="https://packagephobia.com/result?p=@auth/core">
-        <img src="https://packagephobia.com/badge?p=@auth/core" alt="Bundle Size"/>
-      </a>
-      <a href="https://www.npmtrends.com/@auth/core">
-        <img src="https://img.shields.io/npm/dm/@auth/core" alt="Downloads" />
-      </a>
-      <a href="https://github.com/nextauthjs/next-auth/stargazers">
-        <img src="https://img.shields.io/github/stars/nextauthjs/next-auth" alt="Github Stars" />
-      </a>
-      <a href="https://www.npmjs.com/package/@auth/core">
-        <img src="https://img.shields.io/github/v/release/nextauthjs/next-auth?label=latest" alt="Github Stable Release" />
-      </a>
-   </p>
-</p>
-
-## Overview
-
-This is the repository for the documentation page for Auth.js!
-
-NextAuth.js is a complete open source authentication solution for [Next.js](http://nextjs.org/) applications.
-
-This documentation site is based on the [Docusaurus](https://docusaurus.io) framework.
-
-## Getting Started
-
-To start a local environment of this project, please do the following.
-
-1. Clone the repository.
-
-```bash
-$ git clone https://github.com/nextauthjs/docs.git
-```
-
-2. Install dependencies
-
-```bash
-$ npm install
-```
-
-3. Start the development server
-
-```bash
-$ npm start
-```
-
-And thats all! Now you should have a local copy of this docs site running at [localhost:3000](http://localhost:3000)!
-
-## Contributing
-
-We're open to all community contributions! If you'd like to contribute in any way, please first read our [Contributing Guide](https://github.com/nextauthjs/.github/blob/main/CONTRIBUTING.md).
-
-## License
-
-ISC

docs/assets/img/blobs/blob1.svg

@@ -0,0 +1,19 @@
+<!-- <svg width="1077" height="990" viewBox="0 0 1077 990" fill="none" xmlns="http://www.w3.org/2000/svg"> -->
+<!-- <path d="M909.079 176.687C486.468 1429.32 94.8519 797.145 -245.666 989.191L-273.518 122.311C-98.0847 109.104 255.784 81.3405 267.79 75.9479C282.798 69.2072 1153.31 -485.661 1071.51 -140.889C1022.28 -26.4819 1001.45 -97.0987 909.079 176.687Z" fill="url(#paint0_linear_228_76)" fill-opacity="1" /> -->
+<!-- <defs> -->
+<!-- <linearGradient id="paint0_linear_228_76" x1="588.47" y1="791.265" x2="238.137" y2="497.91" gradientUnits="userSpaceOnUse"> -->
+<!-- <stop stop-color="#FF4400"/> -->
+<!-- <stop offset="1" stop-color="#111" /> -->
+<!-- </linearGradient> -->
+<!-- </defs> -->
+<!-- </svg> -->
+<svg width="1056" height="855" viewBox="0 0 1056 855" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M888.078 42.3027C465.467 1294.94 73.851 662.761 -266.667 854.807L-294.519 -12.0732C-119.086 -25.2807 234.783 -53.0438 246.789 -58.4364C261.797 -65.1771 1132.31 -620.045 1050.51 -275.273C1001.28 -160.866 980.447 -231.483 888.078 42.3027Z" fill="url(#paint0_radial_228_76)"/>
+<defs>
+<radialGradient id="paint0_radial_228_76" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(666.999 571.116) rotate(-129.513) scale(513.947 862.777)">
+<stop stop-color="#FF4400"/>
+<stop offset="1" stop-color="#111111"/>
+</radialGradient>
+</defs>
+</svg>
+

docs/assets/img/blobs/blob2.svg

@@ -0,0 +1,20 @@
+<!-- <svg width="1405" height="1025" viewBox="0 0 1405 1025" fill="none" xmlns="http://www.w3.org/2000/svg"> -->
+<!-- <path d="M1180.05 977.4C483.802 708.04 103.247 143.506 0 -105.091L1102.61 -196C1418.53 307.367 1876.29 1246.76 1180.05 977.4Z" fill="url(#paint0_linear_228_83)" fill-opacity="0.44"/> -->
+<!-- <defs> -->
+<!-- <linearGradient id="paint0_linear_228_83" x1="185.171" y1="460.565" x2="641.405" y2="-62.9701" gradientUnits="userSpaceOnUse"> -->
+<!-- <stop stop-color="#BB44CC"/> -->
+<!-- <stop offset="1" stop-color="#BB44CC" stop-opacity="0"/> -->
+<!-- </linearGradient> -->
+<!-- </defs> -->
+<!-- </svg> -->
+
+<svg width="1405" height="1025" viewBox="0 0 1405 1025" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M1180.05 977.4C483.802 708.04 103.247 143.506 0 -105.091L1102.61 -196C1418.53 307.367 1876.29 1246.76 1180.05 977.4Z" fill="url(#paint0_radial_228_83)"/>
+<defs>
+<radialGradient id="paint0_radial_228_83" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(498 619) rotate(-46.5881) scale(548.572 1194.34)">
+<stop stop-color="#BB44CC"/>
+<stop offset="1" stop-color="#111111"/>
+</radialGradient>
+</defs>
+</svg>
+

docs/assets/img/blobs/blob3.svg

@@ -0,0 +1,20 @@
+<!-- <svg width="2402" height="275" viewBox="0 0 2402 275" fill="none" xmlns="http://www.w3.org/2000/svg"> -->
+<!-- <path d="M305.668 155.376C1150.52 -387.169 3270.85 708.01 2011.14 262.274L1847.48 804.627C1613.84 721.267 1142.31 553.804 1125.29 550.832C1104 547.117 -168.361 431.431 18.8067 264.119C109.949 220.108 121.011 273.958 305.668 155.376Z" fill="url(#paint0_linear_228_78)" fill-opacity="0.66"/> -->
+<!-- <defs> -->
+<!-- <linearGradient id="paint0_linear_228_78" x1="869.047" y1="-51.7999" x2="921.583" y2="353.448" gradientUnits="userSpaceOnUse"> -->
+<!-- <stop stop-color="#44BBCC"/> -->
+<!-- <stop offset="1" stop-color="#44BBCC" stop-opacity="0.12"/> -->
+<!-- </linearGradient> -->
+<!-- </defs> -->
+<!-- </svg> -->
+
+<svg width="2402" height="275" viewBox="0 0 2402 275" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M305.668 155.376C1150.52 -387.169 3270.85 708.01 2011.14 262.274L1847.48 804.627C1613.84 721.267 1142.31 553.804 1125.29 550.832C1104 547.117 -168.361 431.431 18.8067 264.119C109.949 220.108 121.011 273.958 305.668 155.376Z" fill="url(#paint0_radial_228_78)"/>
+<defs>
+<radialGradient id="paint0_radial_228_78" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(883.5 -66) rotate(93.0267) scale(757.557 879.417)">
+<stop stop-color="#44BBCC"/>
+<stop offset="1" stop-color="#111111"/>
+</radialGradient>
+</defs>
+</svg>
+

docs/components/marquee.jsx

@@ -0,0 +1,66 @@
+import { useState, useEffect } from "react"
+import { motion } from "framer-motion"
+
+const clamp = (num, min, max) => Math.min(Math.max(num, min), max)
+
+export default function Marquee({ files }) {
+  const [{ width, height }, setSize] = useState({ height: 0, width: 0 })
+  useEffect(() => {
+    setSize({
+      width: window.innerWidth,
+      height: window.innerHeight,
+    })
+  }, [])
+
+  if (width === 0) return
+
+  return (
+    <div className="absolute w-full h-full top-0 left-0 dark:opacity-5 opacity-20 saturate-0 brightness-75 dark:brightness-[1000] -z-20 overflow-hidden flex flex-col marquee-wrapper">
+      {files.map((name) => (
+        <MarqueeItem key={name} name={name} width={width} height={height} />
+      ))}
+    </div>
+  )
+}
+
+function MarqueeItem({ name, width, height }) {
+  const [y] = useState(height * Math.random())
+  const [reset, setReset] = useState(false)
+  const [duration] = useState(clamp(Math.random() * 25, 20, 25))
+  const offset = Math.random() * width
+  useEffect(() => {
+    const timeout =
+      setTimeout(() => {
+        setReset(true)
+      }, (1000 * (width - offset)) / duration) - 2000
+    return () => clearTimeout(timeout)
+  }, [duration, width, offset])
+  return (
+    <motion.span
+      key={name + reset}
+      className="absolute flex items-center justify-center"
+      initial={{ x: reset ? 0 : offset, y }}
+      animate={{ x: width }}
+      transition={{
+        repeat: Infinity,
+        duration: reset ? duration : (width - offset) / duration,
+        ease: "linear",
+      }}
+    >
+      <motion.img
+        src={`/img/providers/${name}`}
+        alt={name}
+        className="relative w-12 drop-shadow-xl"
+        initial={{ opacity: 0, scale: 0.5 }}
+        animate={{ opacity: 1, scale: 1 }}
+        transition={{
+          delay: reset ? 0 : Math.random() * 5,
+          duration: 1,
+          type: "spring",
+
+          stiffness: 150,
+        }}
+      />
+    </motion.span>
+  )
+}

docs/components/triangle.jsx

@@ -0,0 +1,85 @@
+export default function Triangle({ className }) {
+  return (
+    <svg
+      id="triangle"
+      viewBox="0 0 445 379"
+      className={className}
+      fill="none"
+      xmlns="http://www.w3.org/2000/svg"
+    >
+      <style jsx>
+        {`
+          @media (prefers-color-scheme: light) {
+            #triangle-0 {
+              fill: #000;
+            }
+            #triangle-1 {
+              fill: #ff4400;
+            }
+            #triangle-2 {
+              fill: #bb44cc;
+            }
+            #triangle-3 {
+              fill: #44bbcc;
+            }
+          }
+        `}
+      </style>
+      <path
+        id="triangle-0"
+        d="M334.033 238.33L222.692 46.7201L111.352 238.33H334.033Z"
+        fill="#fff"
+      />
+      <path
+        id="triangle-1"
+        d="M198.174 1.12812L4.62255 51.2473C1.37638 52.0878 -0.550786 55.4258 0.344333 58.6574L53.7157 251.338C55.1362 256.466 62.0336 257.344 64.6942 252.736L204.874 9.93656C207.535 5.32834 203.325 -0.205751 198.174 1.12812Z"
+        fill="url(#triangle-1-gradient)"
+      />
+      <path
+        id="triangle-2"
+        d="M246.294 1.12825L439.846 51.2473C443.092 52.0879 445.019 55.4259 444.124 58.6574L390.753 251.338C389.332 256.466 382.435 257.344 379.774 252.736L239.594 9.93665C236.933 5.32844 241.143 -0.205634 246.294 1.12825Z"
+        fill="url(#triangle-2-gradient)"
+      />
+      <path
+        id="triangle-3"
+        d="M361.388 286.577L225.585 377.959C223.559 379.322 220.91 379.322 218.885 377.959L83.0814 286.577C78.1672 283.27 80.5079 275.599 86.4311 275.599H358.039C363.962 275.599 366.303 283.27 361.388 286.577Z"
+        fill="url(#triangle-3-gradient)"
+      />
+      <defs>
+        <linearGradient
+          id="triangle-1-gradient"
+          x1="-1.28386"
+          y1="52.7769"
+          x2="134.785"
+          y2="131.336"
+          gradientUnits="userSpaceOnUse"
+        >
+          <stop stopColor="#992900" />
+          <stop offset="1" stopColor="#FF4400" />
+        </linearGradient>
+        <linearGradient
+          id="triangle-2-gradient"
+          x1="445.753"
+          y1="52.7769"
+          x2="309.684"
+          y2="131.336"
+          gradientUnits="userSpaceOnUse"
+        >
+          <stop stopColor="#6D2178" />
+          <stop offset="1" stopColor="#BB44CC" />
+        </linearGradient>
+        <linearGradient
+          id="triangle-3-gradient"
+          x1="222.236"
+          y1="380.213"
+          x2="222.236"
+          y2="275.599"
+          gradientUnits="userSpaceOnUse"
+        >
+          <stop stopColor="#1B5B64" />
+          <stop offset="1" stopColor="#44BBCC" />
+        </linearGradient>
+      </defs>
+    </svg>
+  )
+}

docs/docs/concepts/_category_.json

@@ -1,5 +0,0 @@
-{
-  "label": "Concepts",
-  "collapsible": true,
-  "collapsed": true
-}

docs/docs/getting-started/_category_.json

@@ -1,5 +0,0 @@
-{
-  "label": "Getting Started",
-  "collapsible": true,
-  "collapsed": true
-}

docs/docs/getting-started/databases.md

@@ -1,14 +0,0 @@
----
-title: Databases
----
-
-Auth.js offers multiple database adapters. Check our guides on:
-
-- [Using a database adapter](/guides/adapters/using-a-database-adapter)
-- [Creating your own](/guides/adapters/creating-a-database-adapter)
-
-To learn more about databases in Auth.js and how they are used, check out [databases in the FAQ](/concepts/faq#databases).
-
-## How to use a database
-
-See the [documentation for adapters](/reference/adapters) for more information on advanced configuration, including how to use Auth.js with other databases using a [custom adapter](/guides/adapters/creating-a-database-adapter).

docs/docs/getting-started/introduction.md

@@ -1,44 +0,0 @@
----
-title: Introduction
-sidebar_position: 0
----
-
-## About Auth.js
-
-Auth.js is a complete open-source authentication solution for web applications. Check out the live demos of Auth.js in action:
-
-- [Next.js](https://next-auth-example.vercel.app/)
-- [SvelteKit](https://sveltekit-auth-example.vercel.app/)
-- [SolidStart](https://auth-solid.vercel.app/)
-
-Continue to our tutorials to see how to use Auth.js for authentication:
-
-- [Setup with OAuth](/getting-started/oauth-tutorial)
-- [Setup with magic links](/getting-started/email-tutorial)
-- [Integrating with external auth](/getting-started/credentials-tutorial)
-
-### Battery included
-
-- Built in support for 60+ popular services (Google, Facebook, Auth0, Apple…)
-- Built-in email/password-less/magic link
-- Use with any OAuth 2 or OpenID Connect provider
-- Use with any username/password store
-
-### Flexible
-- Runtime agnostic - run anywhere! Vercel Edge Functions, Node.js, Serverless, etc.
-- Use with any modern framework! Next.js, SolidStart, SvelteKit, etc.
-- [Bring Your Own Database](/getting-started/databases) - or none! MySQL, Postgres, MSSQL, MongoDB, etc. Choose database sessions or JWT.
-
-_Note: Email sign-in requires a database to store single-use verification tokens._
-
-### Secure by default
-- Signed, prefixed, server-only cookies
-- Built-in CSRF protection
-- Doesn't rely on client-side JavaScript
-- JWT with JWS / JWE / JWK.
-
-## Credits
-
-Auth.js is an open-source project that is only possible [thanks to contributors](/contributors).
-
-To financially support the development of Auth.js, you can check our [OpenCollective](https://opencollective.com/nextauth) page. We appreciate your support 💚.

docs/docs/getting-started/oauth-tutorial.mdx

@@ -1,372 +0,0 @@
----
-title: OAuth authentication
----
-
-import creatingOauthAppImg from "./img/getting-started-creating-oauth-app.png"
-import addingCallbackUrlImg from "./img/getting-started-oauth-callback-url.png"
-import gettingClientIdSecretImg from "./img/getting-started-oauth-clientid-secret.png"
-import startAppAndSignInImg from "./img/getting-started-app-start.png"
-import githubAuthCredentials from "./img/getting-started-github-auth.png"
-import nextAuthUserLoggedIn from "./img/getting-started-nextauth-success.png"
-import Tabs from "@theme/Tabs"
-import TabItem from "@theme/TabItem"
-
-The goal of Auth.js is that you can add authentication easily to your project with just a few lines of code.
-
-The fastest way to set up Auth.js is with an [OAuth](/concepts/oauth) provider. In this tutorial, we'll be setting Auth.js in a web application to be able to log in with **GitHub**.
-
-:::info
-Auth.js comes with a list of [built-in providers](/reference/providers/oauth-builtin) (Google, Facebook, Twitter, etc.). You can also integrate it with your OAuth service by [building a custom provider](/guides/providers/custom-provider).
-:::
-
-## 1. Configuring Auth.js
-
-To add Auth.js to your project:
-
-<Tabs groupId="frameworks" queryString>
-  <TabItem value="next" label="Next.js" default>
-
-### Prerequisites
-
-This tutorial assumes you have a Next.js application set up. If you don't, you can follow the [Next.js tutorial](https://nextjs.org/learn/basics/create-nextjs-app) to get started.
-
-### Installing NextAuth.js
-
-```bash npm2yarn
-npm install next-auth
-```
-
-:::info
-We are working on a new `@auth/nextjs` package that will make it easier to set up Auth.js with Next.js. Stay tuned! For now, you can use the `next-auth` package.
-:::
-
-### Creating the server config
-
-Create the following [API route](https://nextjs.org/docs/api-routes/dynamic-api-routes#catch-all-api-routes) file. This route contains the necessary configuration for NextAuth.js, as well as the dynamic route handler:
-
-```ts title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import GithubProvider from "next-auth/providers/github"
-
-export default NextAuth({
-  providers: [
-    GithubProvider({
-      clientId: process.env.GITHUB_ID,
-      clientSecret: process.env.GITHUB_SECRET,
-    }),
-  ],
-})
-```
-
-:::info
-
-Behind the scenes, this creates all the relevant OAuth API routes within `/api/auth/*` so that auth API requests to:
-
-- [GET `/api/auth/signin`](https://authjs.dev/reference/rest-api#get--apiauthsignin)
-- [POST `/api/auth/signin/:provider`](https://authjs.dev/reference/rest-api#post--apiauthsigninprovider)
-- [GET/POST `/api/auth/callback/:provider`](https://authjs.dev/reference/rest-api#get--post--apiauthcallbackprovider)
-- [GET `/api/auth/signout`](https://authjs.dev/reference/rest-api#get--apiauthsignout)
-- [POST `/api/auth/signout`](https://authjs.dev/reference/rest-api#post--apiauthsignout)
-- [GET `/api/auth/session`](https://authjs.dev/reference/rest-api#get--apiauthsession)
-- [GET `/api/auth/csrf`](https://authjs.dev/reference/rest-api#get--apiauthcsrf)
-- [GET `/api/auth/providers`](https://authjs.dev/reference/rest-api#get--apiauthproviders)
-
-can be handled by NextAuth.js. In this way, NextAuth.js stays in charge of the whole application's authentication request/response flow.
-
-NextAuth.js is fully customizable - [our guides section](/guides/overview) teaches you how to set it up to handle auth in different ways. All the possible configuration options are [listed here](/reference/configuration/auth-config).
-:::
-
-### Adding environment variables
-
-You may notice we are using environment variables in the code example above. We take the value of `GITHUB_ID` and `GITHUB_SECRET` from the GitHub Developer OAuth Portal. See [Configuring OAuth Provider](/getting-started/oauth-tutorial#2-configuring-oauth-provider) section on how to get those.
-
-In your project root, create a `.env.local` file and add the `NEXTAUTH_SECRET` environment variable:
-
-```title=".env.local"
-NEXTAUTH_SECRET="This is an example"
-```
-
-`NEXTAUTH_SECRET` is a random string used by the library to encrypt tokens and email verification hashes, and **it's mandatory to keep things secure**! 🔥 🔐 . You can use:
-
-```
-$ openssl rand -base64 32
-```
-
-or https://generate-secret.vercel.app/32 to generate a random value for it.
-
-### Exposing the session via `SessionProvider`:
-
-NextAuth.js provides [`useSession()`](/reference/react/#usesession) - a [React Hooks](https://reactjs.org/docs/hooks-intro.html) to access the session data and status. To use it first you'll need to expose the session context - [`<SessionProvider />`](/reference/react/#sessionprovider) - at the top level of your application:
-
-```ts title="pages/_app.tsx"
-import { SessionProvider } from "next-auth/react"
-
-export default function App({
-  Component,
-  pageProps: { session, ...pageProps },
-}) {
-  return (
-    <SessionProvider session={session}>
-      <Component {...pageProps} />
-    </SessionProvider>
-  )
-}
-```
-
-Instances of `useSession` (more on it in the next section) will have access to the session data and status. The `<SessionProvider />` also keep the session updated and synced between browser tabs and windows. 💪🏽
-
-:::tip
-Check our [client docs](/reference/react/) to learn all the available options for handling sessions on the browser.
-:::
-
-### Consuming the session via hooks
-
-You can use the `useSession` hook from anywhere in your application (E.g. in a header component). Behind the scenes, the hook will connect to the `<SessionProvider />` to read the current user session. Learn more about React Context in the [React docs](https://reactjs.org/docs/context.html).
-
-```ts title="pages/overview.tsx"
-import { useSession, signIn, signOut } from "next-auth/react"
-
-export default function CamperVanPage() {
-  const { data: session, status } = useSession()
-  const userEmail = session?.user?.email
-
-  if (status === "loading") {
-    return <p>Hang on there...</p>
-  }
-
-  if (status === "authenticated") {
-    return (
-      <>
-        <p>Signed in as {userEmail}</p>
-        <button onClick={() => signOut()}>Sign out</button>
-        <img src="https://cdn.pixabay.com/photo/2017/08/11/19/36/vw-2632486_1280.png" />
-      </>
-    )
-  }
-
-  return (
-    <>
-      <p>Not signed in.</p>
-      <button onClick={() => signIn("github")}>Sign in</button>
-    </>
-  )
-}
-```
-
-### Protecting API Routes
-
-To protect your API Routes (blocking unauthorized access to resources), you can use [`getServerSession()`](/reference/nextjs#getserversession) to know whether a session exists or not:
-
-```ts title="pages/api/movies/list.ts"
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "../auth/[...nextauth]"
-
-export default async function listMovies(req, res) {
-  const session = await getServerSession(req, res, authOptions)
-
-  if (session) {
-    res.send({
-      movies: [
-        { title: "Alien vs Predator", id: 1 },
-        { title: "Reservoir Dogs", id: 2 },
-      ],
-    })
-  } else {
-    res.send({
-      error: "You must sign in to view movies.",
-    })
-  }
-}
-```
-
-  </TabItem>
-  <TabItem value="sveltekit" label="SvelteKit">
-TODO: SvelteKit
-  </TabItem>
-  <TabItem value="solidstart" label="SolidStart">
-TODO: SolidStart
-  </TabItem>
-  <TabItem value="core" label="Vanilla (No Framework)">
-TODO Core
-  </TabItem>
-</Tabs>
-
-## 2. Configuring OAuth Provider
-
-Ok, we have our app set up with NextAuth.js, however, if you run the app right now, it won't work as we haven't configured our OAuth provider (**GitHub**) yet.
-
-:::info
-When using OAuth you're asking for a third-party service (in this case GitHub, although it could be Google, Twitter, etc...) to handle user authentication for your app.
-:::
-
-We need to register our new app in GitHub, so that when NextAuth.js forwards the authorization requests to it, GitHub can recognize your application and prompt the user to sign in.
-
-<img src={creatingOauthAppImg} />
-
-Log in to **GitHub**, go to [`Settings / Developers / OAuth Apps`](https://github.com/settings/developers) and click "New OAuth App"
-
-Next, you'll be presented with a screen to add details about your new application. Fill in the required fields, but pay extra attention to the **Authorization Callback URL** one:
-
-<img src={addingCallbackUrlImg} />
-
-The callback URL we insert should have the following pattern:
-
-```
-[origin]/api/auth/callback/[provider]
-```
-
-In this case, given we want to try our authentication working locally on our machine and we're using **GitHub** as our OAuth provider, it'll be:
-
-<Tabs groupId="frameworks">
-  <TabItem value="next" label="Next.js" default>
-
-```
-http://localhost:3000/api/auth/callback/github
-```
-
-:::info
-NextAuth.js will already create this API endpoint for you when we start the application later. Note that because we're using Next.js, locally it starts our server on port `3000` by default. Hence, the origin is `http://localhost:3000`.
-:::
-
-  </TabItem>
-  <TabItem value="sveltekit" label="SvelteKit">
-
-```
-http://localhost:5173/auth/callback/github
-```
-
-  </TabItem>
-  <TabItem value="solidstart" label="SolidStart">
-    TODO SolidStart
-  </TabItem>
-  <TabItem value="core" label="Vanilla (No Framework)">
-TODO Core
-  </TabItem>
-</Tabs>
-
-:::info
-The last part of the URL, `[provider]`, is the ID of the provider you're using. In this case, we're using GitHub, so it's `github`. If you're using Google, it'll be `google`, etc... We keep track of the provider IDs internally.
-
-The same id is used in the `signIn()` method we saw earlier.
-:::
-
-To register, tap on "Register application" button.
-
-The next screen shows all the configurations for your newly created OAuth app. For now, we need two things from it - the **Client ID** and **Client Secret**:
-
-<img src={gettingClientIdSecretImg} />
-
-The Client ID is always there, a public identifier of your OAuth application within GitHub. Click on the **Generate a new client Secret** button and should be presented with a new string (which is just a randomized string).
-
-:::warning
-Keep both your Client ID and Client Secret secure and never expose them to the public or share them with people outside your organization. With them, a malicious actor could hijack your application and cause you and your user serious problems!
-:::
-
-Cool! We have finished configuring our OAuth provider, now let's wire all together so we can finally see authentication working in our app!
-
-:::info
-As noted previously, NextAuth.js has built-in support for multiple OAuth providers, <a href="">here is the full list</a>. You can also easily build your own in case the provider you need is not on the list.
-
-Note that, for each provider, the configuration process will be similar to what we just did:
-
-1. Log in to the provider
-2. Create create your OAuth application within it
-3. Set the callback URL
-4. Get the Client ID and Generate a Client Secret
-:::
-
-## 3. Wiring all together
-
-Finally, we just need to reference our **Client ID** and **Client Secret** we just generated in the previous in our Auth.js config. In this way, the library will be able to use them when forwarding users to GitHub, and GitHub will be able to recognize the request as generated from our application.
-
-Now let's copy both the Client ID and Client Secret and paste them into an environment file in the root of your project like so:
-
-```title=".env.local"
-GITHUB_ID=12345
-GITHUB_SECRET=67890
-```
-
-Here is our server configuration file again:
-
-<Tabs groupId="frameworks">
-  <TabItem value="next" label="Next.js" default>
-
-```ts title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import GithubProvider from "next-auth/providers/github"
-
-export default NextAuth({
-  providers: [
-    GithubProvider({
-      clientId: process.env.GITHUB_ID,
-      clientSecret: process.env.GITHUB_SECRET,
-    }),
-  ],
-})
-```
-
-Great! We're now ready to run our application locally. Start the Next.js app by running on your terminal the following command and navigating to [`http://localhost:3000`](http://localhost:3000):
-
-```
-$ npm run next dev
-```
-
-  </TabItem>
-  <TabItem value="sveltekit" label="SvelteKit">
-TODO SvelteKit
-  </TabItem>
-  <TabItem value="solidstart" label="SolidStart">
-TODO SolidStart
-  </TabItem>
-  <TabItem value="core" label="Vanilla (No Framework)">
-TODO Core
-  </TabItem>
-</Tabs>
-
-You should see the following page:
-
-<img src={startAppAndSignInImg} />
-
-Click on "Sign in" and then on "Sign in with GitHub": Auth.js will redirect you to GitHub, and GitHub will recognize our app [that we just registered](#2-configuring-oauth-provider) and ask the user (in this case you) to enter its credentials to proceed:
-
-<img src={githubAuthCredentials} />
-
-Once inserted and correct, GitHub will redirect the user to our app and NextAuth.js will take care of any further calls with GitHub to get access to the user profile and start a user session safely in the background:
-
-<img src={nextAuthUserLoggedIn} />
-
-Great! We have completed the whole E2E authentication flow setup so that users can log in to our application through GitHub!
-
-## 4. Deploying to production
-
-### Configuring different environments
-
-It's normal to test your application in different environments. Usually, you'll have a development environment (when you run the application locally on your machine), a staging environment (for team members to try the application), and a production environment.
-
-For each environment, you need to create an OAuth application in your provider respectively, as [we did previously](#2-configuring-oauth-provider), and point the **callback URL** to it.
-
-For instance, in the previous section, we pointed the callback URL to `http://localhost:3000/api/auth/callback/github` as we wanted to test our application in the development environment.
-
-If we were to deploy our app to production, we would need to create a new **OAuth App** in GitHub (calling it something like "Van life – prod") and point the **callback URL** to our production domain: `https://example.com/api/auth/callback/github`
-
-Finally, we would need to point the environment variables we set ( `GITHUB_ID` and `GITHUB_SECRET` ) to the credentials of the OAuth app we want our application to run with.
-
-### Setting up `NEXTAUTH_URL`
-
-:::tip
-Skip this section if you are deploying to Vercel.
-:::
-
-When deploying your site, **you need to set** the `NEXTAUTH_URL` environment variable to the canonical URL of your website:
-
-```
-NEXTAUTH_URL=https://example.com
-```
-
-:::warning
-In production, this needs to be set as an environment variable on the service you use to deploy your app.
-
-To set environment variables on Vercel, you can use the [dashboard](https://vercel.com/dashboard) or the `vercel env pull` [command](https://vercel.com/docs/build-step#development-environment-variables).
-:::
-
-For more information please check out our [deployment page](/guides/basics/deployment).

docs/docs/getting-started/upgrade-to-v4.md

@@ -1,612 +0,0 @@
----
-title: Upgrade Guide (v4)
----
-
-Auth.js version 4 includes a few breaking changes from the last major version (3.x). So we're here to help you upgrade your applications as smoothly as possible. It should be possible to upgrade from any version of 3.x to the latest 4 release by following the next few migration steps.
-
-:::note
-Version 4 has been released to GA 🚨
-
-We encourage users to try it out and report any and all issues they come across.
-:::
-
-You can upgrade to the new version by running:
-
-```bash npm2yarn
-npm install next-auth
-```
-
-## `next-auth/jwt`
-
-We no longer have a default export in `next-auth/jwt`.
-To comply with this, change the following:
-
-```diff
-- import jwt from "next-auth/jwt"
-+ import { getToken } from "next-auth/jwt"
-```
-
-## `next-auth/react`
-
-We've renamed the client-side import source to `next-auth/react`. To comply with this change, you will simply have to rename anywhere you were using `next-auth/client`.
-
-For example:
-
-```diff
-- import { useSession } from "next-auth/client"
-+ import { useSession } from "next-auth/react"
-```
-
-We've also made the following changes to the names of the exports:
-
-- `setOptions`: Not exposed anymore, use [`SessionProvider` props](/reference/react/#sessionprovider)
-- `options`: Not exposed anymore, [use `SessionProvider` props](/reference/react/#sessionprovider)
-- `session`: Renamed to `getSession`
-- `providers`: Renamed to `getProviders`
-- `csrfToken`: Renamed to `getCsrfToken`
-- `signin`: Renamed to `signIn`
-- `signout`: Renamed to `signOut`
-- `Provider`: Renamed to `SessionProvider`
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.12
-
-## `SessionProvider`
-
-Version 4 makes using the `SessionProvider` mandatory. This means that you will have to wrap any part of your application using `useSession` in this provider, if you were not doing so already. The `SessionProvider` has also undergone a few further changes:
-
-- `Provider` is renamed to `SessionProvider`
-- The options prop is now flattened as the props of SessionProvider.
-- `keepAlive` has been renamed to `refetchInterval`.
-- `clientMaxAge` has been removed in favor of `refetchInterval`, as they overlap in functionality, with the difference that `refetchInterval` will keep re-fetching the session periodically in the background.
-
-The best practice for wrapping your app in Providers is to do so in your `pages/_app.jsx` file.
-
-An example use-case with these new changes:
-
-```jsx
-import { SessionProvider } from "next-auth/react"
-
-export default function App({
-  Component,
-  pageProps: { session, ...pageProps },
-}) {
-  return (
-    // `session` comes from `getServerSideProps` or `getInitialProps`.
-    // Avoids flickering/session loading on first load.
-    <SessionProvider session={session} refetchInterval={5 * 60}>
-      <Component {...pageProps} />
-    </SessionProvider>
-  )
-}
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.12
-
-## Providers
-
-Providers now need to be imported individually.
-
-```diff
-- import Provider from "next-auth/providers"
-- Providers.Auth0({...})
-- Providers.Google({...})
-+ import Auth0Provider from "next-auth/providers/auth0"
-+ import GoogleProvider from "next-auth/providers/google"
-+ Auth0Provider({...})
-+ GoogleProvider({...})
-```
-
-1. The `AzureADB2C` provider has been renamed `AzureAD`.
-2. The `Basecamp` provider has been removed, see explanation [here](https://github.com/basecamp/api/blob/master/sections/authentication.md#on-authenticating-users-via-oauth).
-3. The GitHub provider by default now will not request full write access to user profiles. If you need this scope, please add `user` to the scope option manually.
-
-The following new options are available when defining your Providers in the configuration:
-
-1. `authorization` (replaces `authorizationUrl`, `authorizationParams`, `scope`)
-2. `token` replaces (`accessTokenUrl`, `headers`, `params`)
-3. `userinfo` (replaces `profileUrl`)
-4. `issuer`(replaces `domain`)
-
-For more details on their usage, please see [options](/reference/providers/oauth) section of the OAuth Provider documentation.
-
-When submitting a new OAuth provider to the repository, the `profile` callback is expected to only return these fields from now on: `id`, `name`, `email`, and `image`. If any of these are missing values, they should be set to `null`.
-
-Also worth noting is that `id` is expected to be returned as a `string` type (For example if your provider returns it as a number, you can cast it by using the `.toString()` method). This makes the returned profile object comply across all providers/accounts/adapters, and hopefully cause less confusion in the future.
-
-Implemented in: https://github.com/nextauthjs/next-auth/pull/2411
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.20
-
-## `useSession` Hook
-
-The `useSession` hook has been updated to return an object. This allows you to test states much more cleanly with the new `status` option.
-
-```diff
-- const [ session, loading ] = useSession()
-+ const { data: session, status } = useSession()
-+ const loading = status === "loading"
-```
-
-[Check the docs](/reference/react/#usesession) for the possible values of both `session.status` and `session.data`.
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.18
-
-## Named Parameters
-
-We have changed the arguments to our callbacks to the named parameters pattern. This way you don't have to use dummy `_` placeholders or other tricks.
-
-### Callbacks
-
-The signatures for the callback methods now look like this:
-
-```diff
-- signIn(user, account, profileOrEmailOrCredentials)
-+ signIn({ user, account, profile, email, credentials })
-```
-
-```diff
-- redirect(url, baseUrl)
-+ redirect({ url, baseUrl })
-```
-
-```diff
-- session(session, tokenOrUser)
-+ session({ session, token, user })
-```
-
-```diff
-- jwt(token, user, account, OAuthProfile, isNewUser)
-+ jwt({ token, user, account, profile, isNewUser })
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.17
-
-### Events
-
-Two event signatures have changed to also use the named parameters pattern, `signOut` and `updateUser`.
-
-```diff
-// [...nextauth].js
-...
-events: {
-- signOut(tokenOrSession),
-+ signOut({ token, session }), // token if using JWT, session if DB persisted sessions.
-- updateUser(user)
-+ updateUser({ user })
-}
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.20
-
-## JWT configuration
-
-We have removed some of the [configuration options](/reference/configuration/auth-config) when using JSON Web Tokens, [here's the PR](https://github.com/nextauthjs/next-auth/pull/3039) for more context.
-
-```diff
-export default NextAuth({
-  // ...
-  jwt: {
-    secret,
-    maxAge,
--   encryptionKey
--   signingKey
--   encryptionKey
--   verificationOptions
-    encode({
-        token
-        secret
-        maxAge
--       signingKey
--       signingOptions
--       encryptionKey
--       encryptionOptions
--       encryption
-    }) {},
-    decode({
-        token
-        secret
--       maxAge
--       signingKey
--       verificationKey
--       verificationOptions
--       encryptionKey
--       decryptionKey
--       decryptionOptions
--       encryption
-    }) {}
-  }
-})
-```
-
-## Logger API
-
-The logger API has been simplified to use at most two parameters, where the second is usually an object (`metadata`) containing an `error` object. If you are not using the logger settings you can ignore this change.
-
-```diff
-// [...Auth.js]
-import log from "some-logger-service"
-...
-logger: {
-- error(code, ...message) {},
-+ error(code, metadata) {},
-- warn(code, ...message) {},
-+ warn(code) {}
-- debug(code, ...message) {}
-+ debug(code, metadata) {}
-}
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.19
-
-## `nodemailer`
-
-Like `typeorm` and `prisma`, [`nodemailer`](https://npmjs.com/package/nodemailer) is no longer included as a dependency by default. If you are using the Email provider you must install it in your project manually, or use any other Email library in the [`sendVerificationRequest`](/guides/providers/email) callback. This reduces bundle size for those not actually using the Email provider. Remember, when using the Email provider, it is mandatory to also use a database adapter due to the fact that verification tokens need to be persisted longer term for the magic link functionality to work.
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.2
-
-## Theme
-
-We have added some basic customization options to our built-in pages like `signin`, `signout`, etc.
-
-These can be set under the `theme` configuration key. This used to be a string which only controlled the color scheme option. Now it is an object with the following options:
-
-```js
-theme: {
-  colorScheme: "auto", // "auto" | "dark" | "light"
-  brandColor: "", // Hex color value
-  logo: "" // Absolute URL to logo image
-}
-```
-
-The hope is that with some minimal configuration / customization options, users won't immediately feel the need to replace the built-in pages with their own.
-
-More details and screenshots of the new theme options can be found under [custom pages tutorial](/guides/basics/pages).
-
-Introduced in https://github.com/nextauthjs/next-auth/pull/2788
-
-## Session
-
-The `session.jwt: boolean` option has been renamed to `session.strategy: "jwt" | "database"`. The goal is to make the user's options more intuitive:
-
-1. No adapter, `strategy: "jwt"`: This is the default. The session is saved in a cookie and never persisted anywhere.
-2. With Adapter, `strategy: "database"`: If an Adapter is defined, this will be the implicit setting. No user config is needed.
-3. With Adapter, `strategy: "jwt"`: The user can explicitly instruct `next-auth` to use JWT even if a database is available. This can result in faster lookups in compromise of lowered security. Read more about: https://authjs.dev/concepts/faq#json-web-tokens
-
-Example:
-
-```diff
-session: {
-- jwt: true,
-+ strategy: "jwt",
-}
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/pull/3144
-
-## Adapters
-
-Most importantly, the core `next-auth` package no longer ships with `typeorm` or any other database adapter by default. This brings the default bundle size down significantly for those not needing to persist user data to a database.
-
-You can find the official Adapters in the `packages` directory in the primary monorepo ([nextauthjs/next-auth](https://github.com/nextauthjs/next-auth)). Although you can still [create your own](/guides/adapters/creating-a-database-adapter) with a new, [simplified Adapter API](https://github.com/nextauthjs/next-auth/pull/2361).
-
-If you have a database that was created with a `3.x.x` or earlier version of Auth.js, you will need to run a migration to update the schema to the new version 4 database model. See the bottom of this migration guide for database specific migration examples.
-
-1. If you use the built-in TypeORM or Prisma adapters, these have been removed from the core `next-auth` package. Thankfully the migration is easy; you just need to install the external packages for your database and change the import in your `[...nextauth].js`.
-
-The `database` option has been removed, you must now do the following instead:
-
-```diff
-// [...nextauth].js
-import NextAuth from "next-auth"
-+ import { TypeORMLegacyAdapter } from "@next-auth/typeorm-legacy-adapter"
-
-...
-export default NextAuth({
--  database: "yourconnectionstring",
-+  adapter: TypeORMLegacyAdapter("yourconnectionstring")
-})
-```
-
-2. The `prisma-legacy` adapter has been removed, please use the [`@next-auth/prisma-adapter`](https://npmjs.com/package/@next-auth/prisma-adapter) instead.
-
-3. The `typeorm-legacy` adapter has been upgraded to use the newer adapter API, but has retained the `typeorm-legacy` name. We aim to migrate this to individual lighter weight adapters for each database type in the future, or switch out `typeorm`.
-
-4. MongoDB has been moved to its own adapter under `@next-auth/mongodb-adapter`. See the [MongoDB Adapter docs](/reference/adapters/mongodb).
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.8 and https://github.com/nextauthjs/next-auth/pull/2361
-
-### Adapter API
-
-**This does not require any changes from the user - these are adapter specific changes only**
-
-The Adapter API has been rewritten and significantly simplified in NextAuth v4. The adapters now have less work to do as some functionality has been migrated to the core of NextAuth, like hashing the [verification token](/reference/adapters/models/#verification-token).
-
-If you are an adapter maintainer or are interested in writing your own adapter, you can find more information about this change in https://github.com/nextauthjs/next-auth/pull/2361 and release https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.22.
-
-### Schema changes
-
-The way we save data with adapters have slightly changed. With the new Adapter API, we wanted to make it easier to extend your database with additional fields. For example if your User needs an extra `phone` field, it should be enough to add that to your database's schema, and no changes will be necessary in your adapter.
-
-- `created_at`/`createdAt` and `updated_at`/`updatedAt` fields are removed from all Models.
-- `user_id`/`userId` consistently named `userId`.
-- `compound_id`/`compoundId` is removed from Account.
-- `access_token`/`accessToken` is removed from Session.
-- `email_verified`/`emailVerified` on User is consistently named `emailVerified`.
-- `provider_id`/`providerId` renamed to `provider` on Account
-- `provider_type`/`providerType` renamed to `type` on Account
-- `provider_account_id`/`providerAccountId` on Account is consistently named `providerAccountId`
-- `access_token_expires`/`accessTokenExpires` on Account renamed to `expires_at`
-- New fields on Account: `token_type`, `scope`, `id_token`, `session_state`
-- `verification_requests` table has been renamed to `verification_tokens`
-
-<!-- REVIEW: Would something like this below be helpful? -->
-<details>
-<summary>
-See the changes
-</summary>
-<pre>
-
-```diff
-User {
-  id
-  name
-  email
-- emailVerified
-+ email_verified
-  image
--  created_at
--  updated_at
-}
-
-Account {
-  id
-- compound_id
-- user_id
-+ userId
--  provider_type
-+ type
-- provider_id
-+ provider
-- provider_account_id
-+ providerAccountId
-  refresh_token
-  access_token
-- access_token_expires
-+ expires_in
-+ expires_at
-+ token_type
-+ scope
-+ id_token
-+ session_state
-- created_at
-- updated_at
-}
-
-Session {
-  id
-  userId
-  expires
-  sessionToken
-- access_token
-- created_at
-- updated_at
-}
-
-VerificationToken {
-  id
-  token
-  expires
-  identifier
--  created_at
--  updated_at
-}
-```
-
-</pre>
-</details>
-
-For more info, see the [Models page](/reference/adapters/models).
-
-### Database migration
-
-Auth.js v4 has a slightly different database schema compared to v3. If you're using any of our adapters and want to upgrade, you can use on of the below schemas.
-
-They are designed to be run directly against the database itself. So instead of having one in Prisma syntax, one in TypeORM syntax, etc. we've decided to just make one for each underlying database type. i.e. one for Postgres, one for MySQL, one for MongoDB, etc.
-
-#### MySQL
-
-```sql
-/* ACCOUNT */
-ALTER TABLE accounts
-CHANGE "access_token_expires" "expires_at" int
-CHANGE "user_id" "userId" varchar(255)
-ADD CONSTRAINT fk_user_id FOREIGN KEY (userId) REFERENCES users(id)
-RENAME COLUMN "provider_id" "provider"
-RENAME COLUMN "provider_account_id" "providerAccountId"
-DROP COLUMN "provider_type"
-DROP COLUMN "compound_id"
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-DROP COLUMN "created_at"
-DROP COLUMN "updated_at"
-
-ADD COLUMN "token_type" varchar(255) NULL
-ADD COLUMN "scope" varchar(255) NULL
-ADD COLUMN "id_token" varchar(255) NULL
-ADD COLUMN "session_state" varchar(255) NULL
-
-/* Note: These are only needed if you're going to be using the old Twitter OAuth 1.0 provider. */
-ADD COLUMN "oauth_token_secret" varchar(255) NULL
-ADD COLUMN "oauth_token" varchar(255) NULL
-
-/* USER */
-ALTER TABLE users
-RENAME COLUMN "email_verified" "emailVerified"
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-DROP COLUMN "created_at"
-DROP COLUMN "updated_at"
-
-/* SESSION */
-ALTER TABLE sessions
-RENAME COLUMN "session_token" "sessionToken"
-CHANGE "user_id" "userId" varchar(255)
-ADD CONSTRAINT fk_user_id FOREIGN KEY (userId) REFERENCES users(id)
-DROP COLUMN "access_token"
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-DROP COLUMN "created_at"
-DROP COLUMN "updated_at"
-
-/* VERIFICATION REQUESTS */
-ALTER TABLE verification_requests RENAME verification_tokens
-ALTER TABLE verification_tokens
-DROP COLUMN id
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-DROP COLUMN "created_at"
-DROP COLUMN "updated_at"
-```
-
-#### Postgres
-
-```sql
-/* ACCOUNT */
-ALTER TABLE accounts RENAME COLUMN "user_id" TO "userId";
-ALTER TABLE accounts RENAME COLUMN "provider_id" TO "provider";
-ALTER TABLE accounts RENAME COLUMN "provider_account_id" TO "providerAccountId";
-ALTER TABLE accounts RENAME COLUMN "access_token_expires" TO "expires_at";
-ALTER TABLE accounts RENAME COLUMN "provider_type" TO "type";
-
-/* Do conversion of TIMESTAMPTZ to BIGINT */
-ALTER TABLE accounts ALTER COLUMN "expires_at" TYPE TEXT USING CAST(extract(epoch FROM "expires_at") AS BIGINT)*1000;
-
-/* Keep id as SERIAL with autoincrement when using ORM. Using new v4 uuid format won't work because of incompatibility */
-/* ALTER TABLE accounts ALTER COLUMN "id" TYPE TEXT; */
-/* ALTER TABLE accounts ALTER COLUMN "userId" TYPE TEXT; */
-ALTER TABLE accounts ALTER COLUMN "type" TYPE TEXT;
-ALTER TABLE accounts ALTER COLUMN "provider" TYPE TEXT;
-ALTER TABLE accounts ALTER COLUMN "providerAccountId" TYPE TEXT;
-
-ALTER TABLE accounts ADD CONSTRAINT fk_user_id FOREIGN KEY ("userId") REFERENCES users(id);
-ALTER TABLE accounts
-DROP COLUMN IF EXISTS "compound_id";
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-ALTER TABLE accounts
-DROP COLUMN IF EXISTS "created_at",
-DROP COLUMN IF EXISTS "updated_at";
-
-ALTER TABLE accounts
-ADD COLUMN IF NOT EXISTS "token_type" TEXT NULL,
-ADD COLUMN IF NOT EXISTS "scope" TEXT NULL,
-ADD COLUMN IF NOT EXISTS "id_token" TEXT NULL,
-ADD COLUMN IF NOT EXISTS "session_state" TEXT NULL;
-/* Note: These are only needed if you're going to be using the old Twitter OAuth 1.0 provider. */
-/* ALTER TABLE accounts
-ADD COLUMN IF NOT EXISTS "oauth_token_secret" TEXT NULL,
-ADD COLUMN IF NOT EXISTS "oauth_token" TEXT NULL; */
-
-/* USER */
-ALTER TABLE users RENAME COLUMN "email_verified" TO "emailVerified";
-
-/* Keep id as SERIAL with autoincrement when using ORM. Using new v4 uuid format won't work because of incompatibility */
-/* ALTER TABLE users ALTER COLUMN "id" TYPE TEXT; */
-ALTER TABLE users ALTER COLUMN "name" TYPE TEXT;
-ALTER TABLE users ALTER COLUMN "email" TYPE TEXT;
-ALTER TABLE users ALTER COLUMN "image" TYPE TEXT;
-/* Do conversion of TIMESTAMPTZ to BIGINT and then TEXT */
-ALTER TABLE users ALTER COLUMN "emailVerified" TYPE TEXT USING CAST(CAST(extract(epoch FROM "emailVerified") AS BIGINT)*1000 AS TEXT);
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-ALTER TABLE users
-DROP COLUMN IF EXISTS "created_at",
-DROP COLUMN IF EXISTS "updated_at";
-
-/* SESSION */
-ALTER TABLE sessions RENAME COLUMN "session_token" TO "sessionToken";
-ALTER TABLE sessions RENAME COLUMN "user_id" TO "userId";
-
-/* Keep id as SERIAL with autoincrement when using ORM. Using new v4 uuid format won't work because of incompatibility */
-/* ALTER TABLE sessions ALTER COLUMN "id" TYPE TEXT; */
-/* ALTER TABLE sessions ALTER COLUMN "userId" TYPE TEXT; */
-ALTER TABLE sessions ALTER COLUMN "sessionToken" TYPE TEXT;
-ALTER TABLE sessions ADD CONSTRAINT fk_user_id FOREIGN KEY ("userId") REFERENCES users(id);
-/* Do conversion of TIMESTAMPTZ to BIGINT and then TEXT */
-ALTER TABLE sessions ALTER COLUMN "expires" TYPE TEXT USING CAST(CAST(extract(epoch FROM "expires") AS BIGINT)*1000 AS TEXT);
-ALTER TABLE sessions DROP COLUMN IF EXISTS "access_token";
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-ALTER TABLE sessions
-DROP COLUMN IF EXISTS "created_at",
-DROP COLUMN IF EXISTS "updated_at";
-
-/* VERIFICATION REQUESTS */
-ALTER TABLE verification_requests RENAME TO verification_tokens;
-/* Keep id as ORM needs it */
-/* ALTER TABLE verification_tokens DROP COLUMN IF EXISTS id; */
-ALTER TABLE verification_tokens ALTER COLUMN "identifier" TYPE TEXT;
-ALTER TABLE verification_tokens ALTER COLUMN "token" TYPE TEXT;
-/* Do conversion of TIMESTAMPTZ to BIGINT and then TEXT */
-ALTER TABLE verification_tokens ALTER COLUMN "expires" TYPE TEXT USING CAST(CAST(extract(epoch FROM "expires") AS BIGINT)*1000 AS TEXT);
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-ALTER TABLE verification_tokens
-DROP COLUMN IF EXISTS "created_at",
-DROP COLUMN IF EXISTS "updated_at";
-```
-
-#### MongoDB
-
-MongoDB is a document database and as such new fields will be automatically populated. You do, however, need to update the names of existing fields which are going to be reused.
-
-```mongo
-db.getCollection('accounts').updateMany({}, {
-  $rename: {
-    "provider_id": "provider",
-    "provider_account_id": "providerAccountId",
-    "user_id": "userId",
-    "access_token_expires": "expires_at"
-  }
-})
-db.getCollection('users').updateMany({}, {
-  $rename: {
-    "email_verified": "emailVerified"
-  }
-})
-db.getCollection('sessions').updateMany({}, {
-  $rename: {
-    "session_token": "sessionToken",
-    "user_id": "userId"
-  }
-})
-```
-
-## Missing `secret`
-
-Auth.js used to generate a secret for convenience, when the user did not define one. This might have been useful in development, but can be a concern in production. We have always been clear about that in the docs, but from now on, if you forget to define a `secret` property in production, we will show the user an error page. Read more about this option [here](/reference/configuration/auth-config#secret)
-
-You can generate a secret to be placed in the `secret` configuration option via the following command:
-
-```bash
-$ openssl rand -base64 32
-```
-
-Therefore, your Auth.js config should look something like this:
-
-```javascript title="/pages/api/auth/[...nextauth].js"
-...
-export default NextAuth({
-  ...
-  providers: [...],
-  secret: "LlKq6ZtYbr+hTC073mAmAh9/h2HwMfsFo4hrfCx5mLg=",
-  ...
-})
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/issues/3143
-
-## Session `strategy`
-
-We have always supported two different session strategies. The first being our most popular and default strategy - the JWT based one. The second is the database adapter persisted session strategy. Both have their advantages/disadvantages, you can learn more about them on the [FAQ](/concepts/faq) page.
-
-Previously, the way you configured this was through the `jwt: boolean` flag in the `session` option. The names `session` and `jwt` might have been a bit overused in the options, and so for a clearer message, we renamed this option to `strategy: "jwt" | "database"`, it is still in the `session` object. This will hopefully better indicate the purpose of this option as well as make very explicit which type of session you are going to use.
-
-See the [`session` option docs](/reference/configuration/auth-config#session) for more details.
-
-Introduced in https://github.com/nextauthjs/next-auth/pull/3144
-
-## Summary
-
-We hope this migration goes smoothly for each and every one of you! If you have any questions or get stuck anywhere, feel free to create [a new issue](https://github.com/nextauthjs/next-auth/issues/new) on GitHub.

docs/docs/guides/adapters/_category_.json

@@ -1,5 +0,0 @@
-{
-  "label": "Adapters",
-  "collapsible": true,
-  "collapsed": true
-}

docs/docs/guides/basics/_category_.json

@@ -1,5 +0,0 @@
-{
-  "label": "Basics",
-  "collapsible": true,
-  "collapsed": false
-}

docs/docs/guides/basics/deployment.md

@@ -1,72 +0,0 @@
----
-title: Deployment
----
-
-Deploying Auth.js only requires a few steps. It can be run anywhere a Next.js application can. Therefore, in a default configuration using only JWT session strategy, i.e. without a database, you will only need these few things in addition to your application:
-
-1. Auth.js environment variables
-
-   - `NEXTAUTH_SECRET`
-   - `NEXTAUTH_URL`
-
-2. Auth.js API Route and its configuration (`/pages/api/auth/[...nextauth].js`).
-   - OAuth Provider `clientId` / `clientSecret`
-
-Deploying a modern JavaScript application using Auth.js consists of making sure your environment variables are set correctly as well as the configuration in the Auth.js API route is setup, as well as any configuration (like Callback URLs, etc.) are correctly done in your OAuth provider(s) themselves.
-
-See below for more detailed provider settings.
-
-## Vercel
-
-1. Make sure to expose the Vercel [System Environment Variables](https://vercel.com/docs/concepts/projects/environment-variables#system-environment-variables) in your project settings. This way, we can detect the environment. (Setting `NEXTAUTH_URL` environment variable on Vercel is **unnecessary**).
-2. Create a `NEXTAUTH_SECRET` environment variable for both Production and Preview environments.
-   a. You can use `openssl rand -base64 32` or https://generate-secret.vercel.app/32 to generate a random value.
-3. Add your provider's client ID and client secret to environment variables. _(Skip this step if not using an [OAuth Provider](/reference/providers/index))_
-4. Deploy!
-
-Example repository: https://github.com/nextauthjs/next-auth-example
-
-A few notes about deploying to Vercel. The environment variables are read server-side, so you **should not** prefix them with `NEXT_PUBLIC_` to avoid accidentally bundling a secret in the client-side JavaScript code.
-
-### Securing a preview deployment
-
-Most OAuth providers cannot be configured with multiple callback URLs or using a wildcard. 
-
-However, Auth.js **supports Preview deployments**, even **with OAuth providers**:
-
-1. Determine a stable deployment URL. Eg.: A deployment whose URL does not change between builds, for example. `auth.yourdomain.com`),
-2. Set `AUTH_REDIRECT_PROXY_URL` to that URL, adding the path up until your `[...nextauth]` route. Eg.: (`https://auth.yourdomain.com/api/auth`)
-3. For your OAuth provider, set the callback URL using the stable deployment URL. Eg.: For GitHub `https://auth.yourdomain.com/api/auth/callback/github`)
-
-:::info
-To support preview deployments, the `AUTH_SECRET` value needs to be the same for the stable deployment and deployments that will need OAuth support.
-:::
-
-
-<details>
-<summary>
-<b>How does this work?</b>
-</summary>
-To support preview deployments, Auth.js uses the stable deployment URL as a redirect proxy server.
-
-It will redirect the OAuth callback request to the preview deployment URL, but only when the `AUTH_REDIRECT_PROXY_URL` environment variable is set. The stable deployment can still act as a regular app.
-
-When a user initiates an OAuth sign-in flow on a preview deployment, we save its URL in the `state` query parameter but set the `redirect_uri` to the stable deployment.
-
-Then, the OAuth provider will redirect the user to the stable deployment, which then will verify the `state` parameter and redirect the user to the preview deployment URL if the `state` is valid. This is secured by relying on the same server-side `AUTH_SECRET` for the stable deployment and the preview deployment.
-
-See also:
-<ul>
-<li><a href="https://www.ietf.org/rfc/rfc6749.html#section-4.1.1">OAuth 2.0 specification: `state` query parameter</a></li>
-</ul>
-</details>
-
-## Netlify
-
-Netlify is very similar to Vercel in that you can deploy a Next.js project without almost any extra work.
-
-To set up Auth.js correctly here, you will want to make sure you add your `NEXTAUTH_SECRET` environment variable in the project settings. If you are using the [Essential Next.js Build Plugin](https://github.com/netlify/netlify-plugin-nextjs) within your project, you **do not** need to set the `NEXTAUTH_URL` environment variable as it is set automatically as part of the build process.
-
-Netlify also exposes some [system environment variables](https://docs.netlify.com/configure-builds/environment-variables/) from which you can check which `NODE_ENV` you are currently in and much more.
-
-After this, make sure you either have your OAuth provider set up correctly with `clientId` / `clientSecret`'s and callback URLs.

docs/docs/guides/basics/role-based-access-control.md

@@ -1,153 +0,0 @@
----
-title: Role-based access control
----
-
-There are two ways to add role-based access control (RBAC) to your application, based on the [session strategy](/concepts/session-strategies) you choose. Let's see an example for each of these.
-
-## Getting the role
-
-We are going to start by adding a `profile()` callback to the providers' config to determine the user role:
-
-```ts title="/pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import Google from "next-auth/providers/google"
-
-export default NextAuth({
-  providers: [
-    Google({
-      profile(profile) {
-        return { role: profile.role ?? "user", ... }
-      },
-      ...
-    })  
-  ],
-})
-```
-
-:::tip
-To determine the user's role, you can either add your logic or if your provider assigns roles already, use that instead.
-:::
-
-## Persisting the role
-### With JWT
-
-When you don't have a database configured, the role will be persisted in a cookie, by using the `jwt()` callback. On sign-in, the `role` property is exposed from the `profile` callback on the `user` object. Persist the `user.role` value by assigning it to `token.role`. That's it!
-
-If you also want to use the role on the client, you can expose it via the `session` callback.
-
-```ts title="/pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import Google from "next-auth/providers/google"
-
-export default NextAuth({
-  providers: [
-    Google({
-      profile(profile) {
-        return { role: profile.role ?? "user", ... }
-      },
-      ...
-    })  
-  ],
-  // highlight-start
-  callbacks: {
-    jwt({ token, user }) {
-      if(user) token.role = user.role
-      return token
-    },
-    session({ session, token }) {
-      session.user.role = token.role
-      return session
-    }
-  }
-  // highlight-end
-})
-```
-
-:::info
-With this strategy, if you want to update the role, the user needs to be forced to sign in again.
-:::
-
-### With Database
-
-When you have a database, you can save the user role on the [User model](/reference/adapters/models#user). The below example is showing you how to do this with Prisma, but the idea is the same for all adapters.
-
-First, add a `role` column to the User model.
-
-```ts title="/prisma/schema.prisma"
-model User {
-  id            String    @id @default(cuid())
-  name          String?
-  email         String?   @unique
-  emailVerified DateTime?
-  image         String?
-  role          String?  // New column
-  accounts      Account[]
-  sessions      Session[]
-}
-```
-
-The `profile()` callback's return value is used to create users in the database. That's it! Your newly created users will now have an assigned role.
-
-If you also want to use the role on the client, you can expose it via the `session` callback.
-
-```ts title="/pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import Google from "next-auth/providers/google"
-  // highlight-next-line
-import prisma from "lib/prisma"
-
-export default NextAuth({
-  // highlight-next-line
-  adapter: PrismaAdapter(prisma),
-  providers: [
-    Google({
-      profile(profile) {
-        return { role: profile.role ?? "user", ... }
-      }
-      ...
-    })  
-  ],
-  // highlight-start
-  callbacks: {
-    session({ session, user }) {
-      session.user.role = user.role
-      return session
-    }
-  }
-  // highlight-end
-})
-```
-
-:::info
-It is up to you how you want to manage to update the roles, either through direct database access or building your role update API.
-:::
-
-## Using the role
-
-If you want to use the role in the client, for both cases above, when using the `useSession` hook, `session.user.role` will have the required role if you exposed it via the `session` callback. You can use this to render a different UI for different users.
-
-```ts title="/pages/admin.tsx"
-import { useSession } from "next-auth/react"
-
-export default function Page() {
-  const session = await useSession()
-
-  if (session?.user.role === "admin") {
-    return <p>You are an admin, welcome!</p>
-  }
-
-  return <p>You are not authorized to view this page!</p>
-}
-```
-
-:::tip
-When using Next.js and JWT, you can alternatively also use [Middleware](https://next-auth.js.org/configuration/nextjs#wrap-middleware) to redirect the user based on their role, even before rendering the page.
-:::
-
-## Resources
-
-- [Concepts: Session strategies](/concepts/session-strategies)
-- [Next.js: Middleware](https://next-auth.js.org/configuration/nextjs#wrap-middleware)
-- [Adapters: User model](/reference/adapters/models#user)
-- [Adapters: Prisma adapter](/reference/adapters/prisma)
-- [TypeScript](/getting-started/typescript)

docs/docs/guides/corporate-proxies/_category_.json

@@ -1,5 +0,0 @@
-{
-  "label": "Corporate proxies",
-  "collapsible": true,
-  "collapsed": true
-}

docs/docs/guides/index.md

@@ -1,12 +0,0 @@
----
-title: Overview
-sidebar_position: 0
----
-
-This section contains guides for common use cases.
-
-If you can't find what you're looking for, [raise an issue](https://github.com/nextauthjs/next-auth/issues/new?assignees=&labels=triage%2Cdocumentation&template=4_documentation.yml).
-
-:::warning Warning
-Guides are being migrated from the [old documentation page](https://next-auth.js.org), so there are going to be references to `next-auth` still. We are continuously working on updating the naming/references.
-:::

docs/docs/guides/providers/_category_.json

@@ -1,5 +0,0 @@
-{
-  "label": "Providers",
-  "collapsible": true,
-  "collapsed": true
-}

docs/docs/guides/providers/custom-provider.md

@@ -1,112 +0,0 @@
----
-title: OAuth Provider
----
-
-Auth.js comes with a set of built-in OAuth providers that you can import from `@auth/core/providers/*`. Every provider has their separate documentation page under the [core package's API Reference](/reference/core)
-
-
-## Use your own provider
-
-However, you can use _any_ provider as long as they are compliant with the OAuth/OIDC specifications.
-
-Auth.js uses the [`oauth4webapi`](https://github.com/panva/oauth4webapi/blob/main/docs/README.md) package under the hood.
-
-To use a custom OAuth provider with Auth.js, pass an object to the [`providers` list](/reference/core#providers).
-
-It can implement either the [`OAuth2Config`](/reference/core/providers#oauth2configprofile) or the [`OIDCConfig`](/reference/core/providers#oidcconfigprofile) interface, depending on if your provider is OAuth 2 or OpenID Connect compliant.
-
-For example, if you have a fully OIDC-compliant provider, this is all you need:
-
-```ts
-import type { OIDCConfig } from "@auth/core/providers"
-
-...
-providers: [
-  {
-    id: "my-oidc-provider",
-    name: "My Provider",
-    type: "oidc",
-    issuer: "https://my.oidc-provider.com",
-    clientId: process.env.CLIENT_ID,
-    clientSecret: process.env.CLIENT_SECRET
-  } satisfies OIDCConfig
-]
-...
-```
-
-Then, you can set the [Redirect URI](https://www.ietf.org/archive/id/draft-ietf-oauth-v2-1-07.html#name-client-redirection-endpoint) in your provider's dashboard to something like `https://app-url.com/{path-to-auth-handler}/callback/my-oidc-provider`.
-
-`{path-to-auth-handler}` is _usually_ `auth` or `api/auth`, depending on your framework of your choice.
-`my-oidc-provider` matches the `id` you set in the [`providers` list](/reference/core#providers).
-
-
-## Override default provider config
-
-For built-in providers, in most cases you will only need to specify the `clientId` and `clientSecret`, and in case of OIDC providers, the `issuer` property. If you need to override any of the defaults, you can add them in the provider's function call and they will be deep-merged with the default configuration options.
-
-:::note
-The user provided options are deeply merged with the default options. That means you only have to override part of the options that you need to be different. For example if you want different scopes, overriding `authorization.params.scope` is enough, instead of the whole `authorization` option.
-:::
-
-
-For example, to override a provider's default scopes, you can do the following:
-
-```ts
-import Auth0Provider from "@auth/core/providers/auth0"
-
-Auth0Provider({
-  clientId: process.env.CLIENT_ID,
-  clientSecret: process.env.CLIENT_SECRET,
-  issuer: process.env.ISSUER,
-  authorization: { params: { scope: "openid your_custom_scope" } },
-})
-```
-
-Another example, the `profile` callback will return `id`, `name`, `email` and `picture` by default, but you might want to return more information from the provider. After setting the correct scopes, you can then do something like this:
-
-```ts
-import GoogleProvider from "@auth/core/providers/google"
-
-GoogleProvider({
-  clientId: process.env.GOOGLE_CLIENT_ID,
-  clientSecret: process.env.GOOGLE_CLIENT_SECRET,
-  profile(profile) {
-    return {
-      // Return all the profile information you need.
-      // The only truly required field is `id`
-      // to be able identify the account when added to a database
-    }
-  },
-})
-```
-
-An example of how to enable automatic account linking:
-
-```ts
-import GoogleProvider from "@auth/core/providers/google"
-
-GoogleProvider({
-  clientId: process.env.GOOGLE_CLIENT_ID,
-  clientSecret: process.env.GOOGLE_CLIENT_SECRET,
-  allowDangerousEmailAccountLinking: true,
-})
-```
-
-## Adding a new built-in provider
-
-If you think your custom provider might be useful to others, we encourage you to open a PR and add it to the built-in list.
-
-:::note
-We are only accepting new providers to `@auth/core`, and not `next-auth`. Follow the steps below to make sure your PR is merged!
-:::
-
-1. Create a new `{provider}.ts` (for it to get merged, you must use TypeScript) file under the [`packages/core/src/providers`](https://github.com/nextauthjs/next-auth/tree/main/packages/core/src/providers) directory.
-2. Make sure that you are following other providers, ie.:
-  - Use a named default export: `export default function YourProvider`
-  - Export the TypeScript `interface` that defines the provider's available user info properties
-  - Add the necessary JSDoc comments/documentation (Study the built-in providers to get an understanding what's needed. For example, the [Auth0 provider](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/auth0.ts) is a good example for OIDC and the [GitHub Provider](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/github.ts) is an OAuth provider.)
-  - Add links to the provider's API reference/documentation so others can understand how to use the provider
-3. Add the new provider name to the `Provider type` dropdown options in [`the provider issue template`](https://github.com/nextauthjs/next-auth/edit/main/.github/ISSUE_TEMPLATE/2_bug_provider.yml)
-4. (Optional): Add a logo `{provider}.svg` to the [`docs/static/img/providers`](https://github.com/nextauthjs/next-auth/tree/main/docs/static/img/providers) directory.
-
-That's it! 🎉 Others will be able to discover and use this provider!

docs/docs/guides/providers/email-http-api.md

@@ -1,109 +0,0 @@
----
-id: email-http
-title: HTTP-based Email Provider
----
-
-## Introduction
-
-:::note
-The following guide is written for `next-auth` (NextAuth.js), but it should work for any of the Auth.js framework libraries (`@auth/*`) as well.
-:::
-
-
-There is a built-in Email provider with which you could connect to the SMTP server of your choice to send "magic link" emails for sign-in purposes. However, the Email provider can also be used with HTTP-based email services, like AWS SES, Postmark, Sendgrid, etc. In this guide, we are going to explain how to use our Email magic link provider with any of the more modern HTTP-based Email APIs.
-
-For this example, we will be using [SendGrid](https://sendgrid.com), but any email service providing an HTTP API or JS client library will work.
-We will also refer to the [Prisma Adapter](/reference/adapter/prisma). A [database adapter](/adapters/overview) is a requirement for the Email provider.
-
-## Setup
-
-First, if you do not have a project using Auth.js, clone and set up a basic Auth.js project like the one [provided in](https://github.com/nextauthjs/next-auth-example.git) our example repo](https://github.com/nextauthjs/next-auth-example.git).
-
-- Install the [Prisma Adapter](/reference/adapter/prisma)
-- Generate an API key from your cloud Email provider of choice and add it to your `.env.*` file. For example, mine is going to be called `SENDGRID_API`
-- Add the following configuration to your configuration file:
-
-```js title="pages/api/auth/[...nextauth].ts"
-import NextAuth, { NextAuthOptions } from "next-auth"
-import { PrismaAdapter } from "@next-auth/prisma-adapter"
-import { PrismaClient } from "@prisma/client"
-
-const prisma = new PrismaClient()
-
-export const authOptions: NextAuthOptions = {
-  adapter: PrismaAdapter(prisma),
-  providers: [
-    {
-      id: 'sendgrid',
-      type: 'email',
-      async sendVerificationRequest({identifier: email, url}) {
-      }
-    }
-  ],
-}
-
-export default NextAuth(authOptions)
-```
-
-Next, all that's left to do is call the HTTP endpoint from our cloud email provider and pass it the required metadata like the `to` address, the email `body`, and any other fields we may need to include.
-
-As mentioned earlier, we're going to be using SendGrid in this example, so the appropriate endpoint is `https://api.sendgrid.com/v3/mail/send` ([more info](https://docs.sendgrid.com/for-developers/sending-email/api-getting-started)). Therefore, we're going to pull out some of the important information from the `params` argument and use it in a `fetch()` call to the previously mentioned SendGrid API.
-
-```js title="pages/api/auth/[...nextauth].ts"
-import NextAuth, { NextAuthOptions } from "next-auth"
-import { PrismaAdapter } from "@next-auth/prisma-adapter"
-import { PrismaClient } from "@prisma/client"
-
-const prisma = new PrismaClient()
-
-export const authOptions: NextAuthOptions = {
-  adapter: PrismaAdapter(prisma),
-  providers: [
-    {
-      id: 'sendgrid',
-      type: 'email',
-      async sendVerificationRequest({identifier: email, url}) {
-        // highlight-start
-        // Call the cloud Email provider API for sending emails
-        // See https://docs.sendgrid.com/api-reference/mail-send/mail-send
-        const response = await fetch("https://api.sendgrid.com/v3/mail/send", {
-          // The body format will vary depending on provider, please see their documentation
-          // for further details.
-          body: JSON.stringify({
-            personalizations: [{ to: [{ email }] }],
-            from: { email: "noreply@company.com" },
-            subject: "Sign in to Your page",
-            content: [
-              {
-                type: "text/plain",
-                value: `Please click here to authenticate - ${url}`,
-              },
-            ],
-          }),
-          headers: {
-            // Authentication will also vary from provider to provider, please see their docs.
-            Authorization: `Bearer ${process.env.SENDGRID_API}`,
-            "Content-Type": "application/json",
-          },
-          method: "POST",
-        })
-
-        if (!response.ok) {
-          const { errors } = await response.json()
-          throw new Error(JSON.stringify(errors))
-        }
-        // highlight-end
-      },
-    }
-  ],
-}
-```
-
-And that's all we need to do to send Emails via an HTTP API! Note here that the example is only using `text/plain` as the body type. You'll probably want to change that to `text/html` and pass in a nice-looking HTML email. See, for example, our `html` function in [the Auth.js docs](/providers/email#customizing-emails).
-
-To sign in via this custom provider, you would refer to it by the `id` in when you are calling the sign-in method, for example: `signIn('sendgrid', { email: 'user@company.com' })`.
-
-## References
-
-- [Email provider documentation with HTML generation and more](/reference/core/modules/providers_email)
-- [SendGrid JSON Body documentation](https://docs.sendgrid.com/api-reference/mail-send/mail-send#body)

docs/docs/guides/resources.md

@@ -1,118 +0,0 @@
----
-id: resources
-title: Community resources
----
-
-> These tutorials are contributed by the community.
-> **New submissions and edits are welcome!**
-
-## Basics
-
-#### [Introduction to Auth.js](https://www.youtube.com/watch?v=npZsJxWntJM) <svg role="img" viewBox="0 0 24 24" height="24" width="24" style={{ marginLeft: '5px', marginBottom:'-6px'}} xmlns="http://www.w3.org/2000/svg"><title>YouTube</title><path fill="#ff0000" d="M23.498 6.186a3.016 3.016 0 0 0-2.122-2.136C19.505 3.545 12 3.545 12 3.545s-7.505 0-9.377.505A3.017 3.017 0 0 0 .502 6.186C0 8.07 0 12 0 12s0 3.93.502 5.814a3.016 3.016 0 0 0 2.122 2.136c1.871.505 9.376.505 9.376.505s7.505 0 9.377-.505a3.015 3.015 0 0 0 2.122-2.136C24 15.93 24 12 24 12s0-3.93-.502-5.814zM9.545 15.568V8.432L15.818 12l-6.273 3.568z"/></svg>
-
-- This is an introductory video to Auth.js for beginners. In this video, it is explained how to set up authentication in a few easy steps and add different configurations to make it more robust and secure.
-
-#### [Authentication patterns for Next.js](https://nextjs.org/docs/authentication) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title><path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-- Next.js supports multiple patterns for authentication, each designed for different use cases. This guide will allow you to choose your adventure based on your constraints. By Lee Robinson.
-
-#### [Adding Authentication to an existing Next.js Application in no time!](https://dev.to/ndom91/adding-authentication-to-an-existing-serverless-next-js-app-in-no-time-with-nextauth-js-192h) <svg style={{ marginLeft: '5px', marginBottom:'-6px'}} width="30" height="25" viewBox="0 0 50 40" fill="none" xmlns="http://www.w3.org/2000/svg"><rect width="50" height="40" rx="3" style={{ fill: '#000' }}></rect><path d="M19.099 23.508c0 1.31-.423 2.388-1.27 3.234-.838.839-1.942 1.258-3.312 1.258h-4.403V12.277h4.492c1.31 0 2.385.423 3.224 1.27.846.838 1.269 1.912 1.269 3.223v6.738zm-2.808 0V16.77c0-.562-.187-.981-.562-1.258-.374-.285-.748-.427-1.122-.427h-1.685v10.107h1.684c.375 0 .75-.138 1.123-.415.375-.285.562-.708.562-1.27zM28.185 28h-5.896c-.562 0-1.03-.187-1.404-.561-.375-.375-.562-.843-.562-1.404V14.243c0-.562.187-1.03.562-1.404.374-.375.842-.562 1.404-.562h5.896v2.808H23.13v3.65h3.088v2.808h-3.088v3.65h5.054V28zm7.12 0c-.936 0-1.684-.655-2.246-1.965l-3.65-13.758h3.089l2.807 10.804 2.808-10.804H41.2l-3.65 13.758C36.99 27.345 36.241 28 35.305 28z" style={{ fill: '#fff' }}></path></svg>
-
-- This tutorial walks one through adding Auth.js to an existing project. Including setting up the OAuth client id and secret, adding the API routes for authentication, protecting pages and API routes behind that authentication, etc.
-
-#### [Adding social authentication support to a Next.js app](https://getstarted.sh/bulletproof-next/add-social-authentication) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-- A tutorial by Arunoda Susirpiala. Checkout [GetStarted](https://getstarted.sh/) for more examples.
-
-#### [How to Authenticate Next.js Apps with Twitter & Auth.js](https://spacejelly.dev/posts/how-to-authenticate-next-js-apps-with-twitter-nextauth-js/) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-- Learn how to add Twitter authentication and login to a Next.js app both client-side and server-side with Auth.js.
-
-#### [NextJS Authentication Crash Course with Auth.js](https://youtu.be/o_wZIVmWteQ) <svg role="img" viewBox="0 0 24 24" height="24" width="24" style={{ marginLeft: '5px', marginBottom:'-6px'}} xmlns="http://www.w3.org/2000/svg"><title>YouTube</title><path fill="#ff0000" d="M23.498 6.186a3.016 3.016 0 0 0-2.122-2.136C19.505 3.545 12 3.545 12 3.545s-7.505 0-9.377.505A3.017 3.017 0 0 0 .502 6.186C0 8.07 0 12 0 12s0 3.93.502 5.814a3.016 3.016 0 0 0 2.122 2.136c1.871.505 9.376.505 9.376.505s7.505 0 9.377-.505a3.015 3.015 0 0 0 2.122-2.136C24 15.93 24 12 24 12s0-3.93-.502-5.814zM9.545 15.568V8.432L15.818 12l-6.273 3.568z"/></svg>
-
-- This tutorial dives into the ins and outs of NextAuth, including using the Email, Github, Twitter and Auth0 providers in under an hour.
-
-#### [Create your own Auth.js Login Pages](https://youtu.be/kB6YNYZ63fw) <svg role="img" viewBox="0 0 24 24" height="24" width="24" style={{ marginLeft: '5px', marginBottom:'-6px'}} xmlns="http://www.w3.org/2000/svg"><title>YouTube</title><path fill="#ff0000" d="M23.498 6.186a3.016 3.016 0 0 0-2.122-2.136C19.505 3.545 12 3.545 12 3.545s-7.505 0-9.377.505A3.017 3.017 0 0 0 .502 6.186C0 8.07 0 12 0 12s0 3.93.502 5.814a3.016 3.016 0 0 0 2.122 2.136c1.871.505 9.376.505 9.376.505s7.505 0 9.377-.505a3.015 3.015 0 0 0 2.122-2.136C24 15.93 24 12 24 12s0-3.93-.502-5.814zM9.545 15.568V8.432L15.818 12l-6.273 3.568z"/></svg>
-
-- This tutorial shows you how to jump in and create your own custom login pages versus using the ones provided by Auth.js
-
-#### [Passwordless Authentication with next-auth](https://www.youtube.com/watch?v=GPBD3acOx_M) <svg role="img" viewBox="0 0 24 24" height="24" width="24" style={{ marginLeft: '5px', marginBottom:'-6px'}} xmlns="http://www.w3.org/2000/svg"><title>YouTube</title><path fill="#ff0000" d="M23.498 6.186a3.016 3.016 0 0 0-2.122-2.136C19.505 3.545 12 3.545 12 3.545s-7.505 0-9.377.505A3.017 3.017 0 0 0 .502 6.186C0 8.07 0 12 0 12s0 3.93.502 5.814a3.016 3.016 0 0 0 2.122 2.136c1.871.505 9.376.505 9.376.505s7.505 0 9.377-.505a3.015 3.015 0 0 0 2.122-2.136C24 15.93 24 12 24 12s0-3.93-.502-5.814zM9.545 15.568V8.432L15.818 12l-6.273 3.568z"/></svg>
-
-- A video tutorial by Xiaoru Li from Prisma.
-
-#### [How to authenticate Next.js Apps with Sign-In With Ethereum (SIWE) & Auth.js](https://docs.login.xyz/integrations/Auth.js) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-- Learn how to use Sign-In With Ethereum to authenticate your users with their existing Ethereum wallets - identifiers they personally control.
-- Example application: [spruceid/siwe-next-auth-example](https://github.com/spruceid/siwe-next-auth-example)
-
-#### [Next.js Authentication with Okta and Auth.js 4.0](https://thetombomb.com/posts/nextjs-nextauth-okta) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-- Learn how to perform authentication with an OIDC Application in Okta and Auth.js.
-
-## Fullstack
-
-#### [Build a FullStack App with Next.js, Auth.js, Supabase & Prisma](https://themodern.dev/courses/build-a-fullstack-app-with-nextjs-supabase-and-prisma-322389284337222224) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-In this [free course](https://themodern.dev/courses/build-a-fullstack-app-with-nextjs-supabase-and-prisma-322389284337222224), you'll learn how to build a full-stack app using the following technologies:
-
-- **Next.js** - The React framework for building the UI of the app and the REST API
-- **Auth.js** - For implementing passwordless and OAuth authentication
-- **Supabase** - For persisting the app data into a PostgreSQL database and storing media files
-- **Prisma** - For making it easy to read and write data from our app from and to the database
-
-The app that we'll work on in this course is called **_SupaVacation_**. It is an online marketplace for vacation rentals where users can browse through all the properties for rent, bookmark their favorite ones, and even rent their own properties.
-
-> Here's [a live demo](https://supa-vacation.vercel.app/) of the app's final version. It is what your app should look likes after completing this course. Feel free to play with it to get an overview of all the features you'll be working on.
-
-#### [Magic Link Authentication in Next.js with NextAuth and Fauna](https://alterclass.io/tutorials/magic-link-authentication-in-nextjs-with-nextauth-and-fauna) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-Learn how to implement passwordless/magic link authentication with database storage in your Next.js projects using NextAuth and Fauna DB.
-
-> The final version of the project's code can be found on [Github](https://github.com/AlterClassIO/magic-next-auth). You can use it as a starting point for any Next.js app that requires passwordless authentication.
-
-> You can also preview the example live [here](https://magic-next-auth.vercel.app/).
-
-This tutorial covers:
-
-- Configuring Next.js, Auth.js, and Fauna to work together seamlessly
-- Using Next.js dynamic API routes to handle authentication requests
-- Using Fauna and the Fauna Adapter for `next-auth` to persist users, email sign in tokens, and sessions
-- Creating custom login and confirmation pages with React + Tailwind CSS
-- Customizing the sign-in email and sending a welcome email to new users
-
-#### [Passwordless Authentication with Next.js, Prisma, and next-auth](https://dev.to/prisma/passwordless-authentication-with-next-js-prisma-and-next-auth-5g8g) <svg style={{ marginLeft: '5px', marginBottom:'-6px'}} width="30" height="25" viewBox="0 0 50 40" fill="none" xmlns="http://www.w3.org/2000/svg"><rect width="50" height="40" rx="3" style={{ fill: '#000' }}></rect><path d="M19.099 23.508c0 1.31-.423 2.388-1.27 3.234-.838.839-1.942 1.258-3.312 1.258h-4.403V12.277h4.492c1.31 0 2.385.423 3.224 1.27.846.838 1.269 1.912 1.269 3.223v6.738zm-2.808 0V16.77c0-.562-.187-.981-.562-1.258-.374-.285-.748-.427-1.122-.427h-1.685v10.107h1.684c.375 0 .75-.138 1.123-.415.375-.285.562-.708.562-1.27zM28.185 28h-5.896c-.562 0-1.03-.187-1.404-.561-.375-.375-.562-.843-.562-1.404V14.243c0-.562.187-1.03.562-1.404.374-.375.842-.562 1.404-.562h5.896v2.808H23.13v3.65h3.088v2.808h-3.088v3.65h5.054V28zm7.12 0c-.936 0-1.684-.655-2.246-1.965l-3.65-13.758h3.089l2.807 10.804 2.808-10.804H41.2l-3.65 13.758C36.99 27.345 36.241 28 35.305 28z" style={{ fill: '#fff' }}></path></svg>
-
-- In this post, you'll learn how to add passwordless authentication to your Next.js app using Prisma and next-auth. By the end of this tutorial, your users will be able to log in to your app with either their GitHub account or a Slack-styled magic link sent right to their Email inbox. By Xiaoru Li.
-
-#### [Fullstack Authentication Example with Next.js and Auth.js](https://github.com/prisma/prisma-examples/tree/latest/typescript/rest-nextjs-api-routes-auth) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-- This example shows how to implement a full-stack app in TypeScript with Next.js using Prisma Client as a backend. It also demonstrates how to implement authentication using Auth.js. By Nikolas Burk at Prisma.
-
-## Advanced
-
-#### [Add auth support to a Next.js app with a custom backend](https://arunoda.me/blog/add-auth-support-to-a-next-js-app-with-a-custom-backend) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-- A tutorial by Arunoda Susirpiala.
-
-#### [How to Configure Azure AD B2C Authentication with Next.js](https://benjaminwfox.com/blog/tech/how-to-configure-azure-b2c-with-nextjs) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-- Configuring authentication with Azure B2C in Next.js is not a particularly straight forward process. We'll look at how to facilitate this using the Auth.js library. By Ben Fox.
-
-#### [Sign in with Apple in NextJS](https://thesiddd.com/blog/apple-auth) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-- This tutorial walks step by step on how to get sign in with Apple working (both locally and on a deployed website) using Auth.js.
-
-#### [Using Auth.js with Magic links](https://dev.to/narciero/using-nextauth-js-with-magic-links-df4) <svg style={{ marginLeft: '5px', marginBottom:'-6px'}} width="30" height="25" viewBox="0 0 50 40" fill="none" xmlns="http://www.w3.org/2000/svg"><rect width="50" height="40" rx="3" style={{ fill: '#000' }}></rect><path d="M19.099 23.508c0 1.31-.423 2.388-1.27 3.234-.838.839-1.942 1.258-3.312 1.258h-4.403V12.277h4.492c1.31 0 2.385.423 3.224 1.27.846.838 1.269 1.912 1.269 3.223v6.738zm-2.808 0V16.77c0-.562-.187-.981-.562-1.258-.374-.285-.748-.427-1.122-.427h-1.685v10.107h1.684c.375 0 .75-.138 1.123-.415.375-.285.562-.708.562-1.27zM28.185 28h-5.896c-.562 0-1.03-.187-1.404-.561-.375-.375-.562-.843-.562-1.404V14.243c0-.562.187-1.03.562-1.404.374-.375.842-.562 1.404-.562h5.896v2.808H23.13v3.65h3.088v2.808h-3.088v3.65h5.054V28zm7.12 0c-.936 0-1.684-.655-2.246-1.965l-3.65-13.758h3.089l2.807 10.804 2.808-10.804H41.2l-3.65 13.758C36.99 27.345 36.241 28 35.305 28z" style={{ fill: '#fff' }}></path></svg>
-
-- Learn how to use [Magic.Link](https://magic.link) authentication with [Auth.js](https://authjs.dev) to enable passwordless authentication without a database.
-
-## Database
-
-#### [Create a Auth.js Custom Adapter with HarperDB & Next.js](https://spacejelly.dev/posts/how-to-create-a-nextauth-js-custom-adapter-with-harperdb-next-js/) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-- Use a custom database in a Custom Adapter for persisted Auth.js sessions using HarperDB as an example.
-- Video tutorial also available: <https://www.youtube.com/watch?v=pu7xBv7sZ8s>
-
-#### [Using Auth.js with Prisma and PlanetScale serverless databases](https://github.com/planetscale/nextjs-planetscale-starter) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-- How to set up a PlanetScale database to fetch and store user / account data with the Prisma adapter.

docs/docs/guides/testing/_category_.json

@@ -1,5 +0,0 @@
-{
-  "label": "Testing",
-  "collapsible": true,
-  "collapsed": true
-}

docs/docs/reference/adapters/_category_.json

@@ -1,5 +0,0 @@
-{
-  "label": "Database adapters",
-  "collapsible": true,
-  "collapsed": true
-}

docs/docs/reference/adapters/index.md

@@ -1,189 +0,0 @@
----
-title: Overview
----
-
-Using an Auth.js / NextAuth.js adapter you can connect to any database service or even several different services at the same time. The following listed official adapters are created and maintained by the community:
-
-<div class="adapter-card-list">
-  <a href="/reference/adapter/dgraph" class="adapter-card">
-    <img src="/img/adapters/dgraph.png" width="30" />
-    <h4 class="adapter-card__title">Dgraph Adapter</h4>
-  </a>
-  <a href="/reference/adapter/dynamodb" class="adapter-card">
-    <img src="/img/adapters/dynamodb.png" width="30" />
-    <h4 class="adapter-card__title">DynamoDB Adapter</h4>
-  </a>
-  <a href="/reference/adapter/fauna" class="adapter-card">
-    <img src="/img/adapters/fauna.png" width="30" />
-    <h4 class="adapter-card__title">Fauna Adapter</h4>
-  </a>
-  <a href="/reference/adapter/firebase" class="adapter-card">
-    <img src="/img/adapters/firebase.svg" width="40" />
-    <h4 class="adapter-card__title">Firebase Adapter</h4>
-  </a>
-  <a href="/reference/adapter/mikro-orm" class="adapter-card">
-    <img src="/img/adapters/mikro-orm.png" width="30" />
-    <h4 class="adapter-card__title">Mikro ORM Adapter</h4>
-  </a>
-  <a href="/reference/adapter/mongodb" class="adapter-card">
-    <img src="/img/adapters/mongodb.svg" width="15" />
-    <h4 class="adapter-card__title">MongoDB Adapter</h4>
-  </a>
-  <a href="/reference/adapter/neo4j" class="adapter-card">
-    <img src="/img/adapters/neo4j.svg" width="50" />
-    <h4 class="adapter-card__title">Neo4j Adapter</h4>
-  </a>
-  <a href="/reference/adapter/pouchdb" class="adapter-card">
-    <img src="/img/adapters/pouchdb.svg" width="20" />
-    <h4 class="adapter-card__title">PouchDB Adapter</h4>
-  </a>
-  <a href="/reference/adapter/prisma" class="adapter-card">
-    <img src="/img/adapters/prisma.svg" width="30" />
-    <h4 class="adapter-card__title">Prisma Adapter</h4>
-  </a>
-  <a href="/reference/adapter/sequelize" class="adapter-card">
-    <img src="/img/adapters/sequelize.svg" width="30" />
-    <h4 class="adapter-card__title">Sequelize Adapter</h4>
-  </a>
-  <a href="/reference/adapter/supabase" class="adapter-card">
-    <img src="/img/adapters/supabase.svg" width="25" />
-    <h4 class="adapter-card__title">Supabase Adapter</h4>
-  </a>
-  <a href="/reference/adapter/typeorm" class="adapter-card">
-    <img src="/img/adapters/typeorm.png" width="30" />
-    <h4 class="adapter-card__title">TypeORM Adapter</h4>
-  </a>
-  <a href="/reference/adapter/upstash-redis" class="adapter-card">
-    <img src="/img/adapters/upstash-redis.svg" width="30" />
-    <h4 class="adapter-card__title">Upstash Adapter</h4>
-  </a>
-  <a href="/reference/adapter/xata" class="adapter-card">
-    <img src="/img/adapters/xata.svg" width="20" />
-    <h4 class="adapter-card__title">Xata Adapter</h4>
-  </a>
-</div>
-
-:::info
-If you don't find an adapter for the database or service you use, you can always create one yourself. Have a look at our guide on [how to create a database adapter](/guides/adapters/creating-a-database-adapter).
-:::
-
-
-## Models
-
-
-Auth.js can be used with any database. Models tell you what structures Auth.js expects from your database. Models will vary slightly depending on which adapter you use, but in general, will look something like this:
-
-```mermaid
-erDiagram
-    User ||--|{ Account : ""
-    User {
-      string id
-      string name
-      string email
-      timestamp emailVerified
-      string image
-    }
-    User ||--|{ Session : ""
-    Session {
-      string id
-      timestamp expires
-      string sessionToken
-      string userId
-    }
-    Account {
-      string id
-      string userId
-      string type
-      string provider
-      string providerAccountId
-      string refresh_token
-      string access_token
-      int expires_at
-      string token_type
-      string scope
-      string id_token
-      string session_state
-    }
-    VerificationToken {
-      string identifier
-      string token
-      timestamp expires
-    }
-```
-
-More information about each Model/Table can be found below.
-
-:::note
-You can [create your adapter](/guides/adapters/creating-a-database-adapter) if you want to use Auth.js with a database that is not supported out of the box, or you have to change fields on any of the models.
-:::
-
----
-
-### User
-
-The User model is for information such as the user's name and email address.
-
-Email address is optional, but if one is specified for a User, then it must be unique.
-
-:::note
-If a user first signs in with an OAuth provider, then their email address is automatically populated using the one from their OAuth profile if the OAuth provider returns one.
-
-This provides a way to contact users and for users to maintain access to their account and sign in using email in the event they are unable to sign in with the OAuth provider in the future (if the [Email Provider](/reference/core/providers_email) is configured).
-:::
-
-User creation in the database is automatic and happens when the user is logging in for the first time with a provider. 
-If the first sign-in is via the [OAuth Provider](/reference/core/providers_oauth), the default data saved is `id`, `name`, `email` and `image`. You can add more profile data by returning extra fields in your [OAuth provider](/guides/providers/custom-provider)'s [`profile()`](/reference/core/providers#profile) callback.
-
-If the first sign-in is via the [Email Provider](/reference/core/providers_email), then the saved user will have `id`, `email`, `emailVerified`, where `emailVerified` is the timestamp of when the user was created.
-
-### Account
-
-The Account model is for information about OAuth accounts associated with a User
-
-A single User can have multiple Accounts, but each Account can only have one User.
-
-Account creation in the database is automatic and happens when the user is logging in for the first time with a provider, or the [`Adapter.linkAccount`](/reference/core/adapters#linkaccount) method is invoked. The default data saved is `access_token`, `expires_at`, `refresh_token`, `id_token`, `token_type`, `scope` and `session_state`. You can save other fields or remove the ones you don't need by returning them in the [OAuth provider](/guides/providers/custom-provider)'s [`account()`](/reference/core/providers#account) callback.
-
-Linking Accounts to Users happen automatically, only when they have the same e-mail address, and the user is currently signed in. Check the [FAQ](/concepts/faq#security) for more information on why this is a requirement.
-
-:::tip
-You can manually unlink accounts if your adapter implements the `unlinkAccount` method. Make sure to take all the necessary security steps to avoid data loss.
-:::
-
-:::note
-Linking and unlinking accounts through an API is a planned feature: https://github.com/nextauthjs/next-auth/issues/230
-:::
-
-### Session
-
-The Session model is used for database sessions. It is not used if JSON Web Tokens are enabled. Keep in mind, that you can use a database to persist Users and Accounts, and still use JWT for sessions. See the [`session.strategy`](/reference/configuration/auth-config) option.
-
-A single User can have multiple Sessions, each Session can only have one User.
-
-:::tip
-When a Session is read, we check if its `expires` field indicates an invalid session, and delete it from the database. You can also do this clean-up periodically in the background to avoid our extra delete call to the database during an active session retrieval. This might result in a slight performance increase in a few cases.
-:::
-
-### Verification Token
-
-The Verification Token model is used to store tokens for passwordless sign in.
-
-A single User can have multiple open Verification Tokens (e.g. to sign in to different devices).
-
-It has been designed to be extendable for other verification purposes in the future (e.g. 2FA / magic codes, etc.).
-
-:::note
-Auth.js makes sure that every token is usable only once, and by default has a short (1 day, can be configured by [`maxAge`](/guides/providers/email)) lifetime. If your user did not manage to finish the sign-in flow in time, they will have to start the sign-in process again.
-:::
-
-:::tip
-Due to users forgetting or failing at the sign-in flow, you might end up with unwanted rows in your database, that you might have to periodically clean up to avoid filling the database up with unnecessary data.
-:::
-
-## RDBMS Naming Convention
-
-Auth.js / NextAuth.js uses `camelCase` for its database rows while respecting the conventional `snake_case` formatting for OAuth-related values. If the mixed casing is an issue for you, most adapters have a dedicated documentation section on how to force a casing convention.
-
-## TypeScript
-
-Check out the [`@auth/core/adapters` API Reference](/reference/core/adapters) documentation.

docs/docs/reference/index.md

@@ -1,32 +0,0 @@
----
-title: Overview
----
-
-This section of the documentation contains the API reference for all the official packages under the `@auth/*` and `@next-auth/*` scopes.
-
-:::warning Warning
-The API reference is being migrated from the [old documentation page](https://next-auth.js.org), so there are going to be references to `next-auth` still. We are continuously working on updating the naming/references.
-:::
-
-## Roadmap
-
-Here are the _currently_ planned and released packages under the `@auth/*` scope. This is not an exhaustive list, but the set of packages that we would like to focus on to begin with.
-
-|       Feature       |  Status  |
-| ------------------- | -------- |
-| `@auth/nextjs`      | Planned  |
-| `@auth/*-adapter`   | Planned  |
-| `@auth/core`        | Experimental |
-| `@auth/sveltekit`   | Experimental |
-| `@auth/solid-start` | Experimental |
-
-### Community Packages
-
-While we are migrating the documentation and working on stabilizing the core package, the community has been working on some packages that are already available. With collaboration, we hope to make these packages official in the future.
-
-:::note
-If you are a maintainer of a package, [reach out](https://twitter.com/balazsorban44) if you want to collaborate on making it official or open a PR to add it to the list below, so others can discover it more easily.
-:::
-
-- ...
-- ...

docs/docs/reference/warnings.md

@@ -1,15 +0,0 @@
----
-id: warnings
-title: Warnings
----
-
-A list of warnings from Auth.js that need your attention.
-
-
-## Debug enabled
-
-The `debug` option was evaluated to `true`. It adds extra logs in the terminal which is useful in development, but since it can print sensitive information about users, make sure to set this to `false` in production. In Node.js environments, you can for example set `debug: process.env.NODE_ENV !== "production"`. Consult with your runtime/framework on how to set this value correctly.
-
-## CSRF disabled
-
-You were trying to get a CSRF response from Auth.js (eg.: by calling a `/csrf` endpoint), but in this setup, CSRF protection via Auth.js was turned off. This is likely if you are not directly using `@auth/core` but a framework library (like `@auth/sveltekit`) that already has CSRF protection built-in. You likely won't need the CSRF response.

docs/docusaurus.config.js

@@ -1,357 +0,0 @@
-// @ts-check
-
-const fs = require("fs")
-const path = require("path")
-
-// list providers entries from @auth/core/providers/*.ts
-const coreSrc = "../packages/core/src"
-const providers = fs
-  .readdirSync(path.join(__dirname, coreSrc, "/providers"))
-  .filter((file) => file.endsWith(".ts"))
-  .map((p) => `${coreSrc}/providers/${p}`)
-
-const typedocConfig = require("./typedoc.json")
-// @ts-expect-error
-delete typedocConfig.$schema
-
-/**
- * @param {string} name
- * @returns Record<[string, any]>
- */
-function typedocAdapter(name) {
-  const slug = name.toLowerCase().replace(" ", "-")
-
-  return [
-    "docusaurus-plugin-typedoc",
-    {
-      id: slug,
-      plugin: [require.resolve("./typedoc-mdn-links")],
-      watch: process.env.TYPEDOC_WATCH,
-      entryPoints: [`../packages/adapter-${slug}/src/index.ts`],
-      tsconfig: `../packages/adapter-${slug}/tsconfig.json`,
-      out: `reference/adapter/${slug}`,
-      sidebar: {
-        indexLabel: name,
-      },
-      ...typedocConfig,
-    },
-  ]
-}
-
-/** @type {import("@docusaurus/types").Config} */
-const docusaurusConfig = {
-  markdown: {
-    mermaid: true,
-  },
-  themes: ["@docusaurus/theme-mermaid"],
-  title: "Auth.js",
-  tagline: "Authentication for the Web.",
-  url: "https://authjs.dev",
-  baseUrl: "/",
-  favicon: "img/favicon.ico",
-  trailingSlash: false,
-  organizationName: "nextauthjs",
-  // TODO: remove this once ready
-  onBrokenLinks: "log",
-  projectName: "next-auth",
-  themeConfig: {
-    prism: {
-      theme: require("prism-react-renderer/themes/nightOwl"),
-      magicComments: [
-        {
-          className: "theme-code-block-highlighted-line",
-          line: "highlight-next-line",
-          block: { start: "highlight-start", end: "highlight-end" },
-        },
-      ],
-    },
-    algolia: {
-      appId: "OUEDA16KPG",
-      apiKey: "97c0894508f2d1d4a2fef4fe6db28448",
-      indexName: "next-auth",
-      searchParameters: {},
-      contextualSearch: false,
-      externalUrlRegex: "authjs\\.dev|next-auth\\.js\\.org",
-    },
-    navbar: {
-      title: "Auth.js",
-      logo: {
-        alt: "Auth.js Logo",
-        src: "img/logo/logo-xs.webp",
-      },
-      items: [
-        {
-          to: "/getting-started/introduction",
-          activeBasePath: "/getting-started/",
-          label: "Getting started",
-          position: "left",
-        },
-        {
-          to: "/guides",
-          activeBasePath: "/guides",
-          label: "Guides",
-          position: "left",
-        },
-        {
-          to: "/reference",
-          activeBasePath: "/reference",
-          label: "API Reference",
-          position: "left",
-        },
-        {
-          to: "/concepts/faq",
-          activeBasePath: "/concepts",
-          label: "Concepts",
-          position: "left",
-        },
-        {
-          to: "/security",
-          activeBasePath: "/security",
-          label: "Security",
-          position: "left",
-        },
-        {
-          type: "docsVersionDropdown",
-          position: "right",
-          dropdownActiveClassDisabled: true,
-          dropdownItemsAfter: [
-            {
-              to: "https://github.com/nextauthjs/next-auth/releases",
-              label: "All Releases",
-            },
-          ],
-        },
-        {
-          to: "https://www.npmjs.com/package/next-auth",
-          label: "npm",
-          position: "right",
-        },
-        {
-          to: "https://github.com/nextauthjs/next-auth",
-          label: "GitHub",
-          position: "right",
-        },
-      ],
-    },
-    announcementBar: {
-      id: "new-major-announcement",
-      content:
-        "<a target='_blank' rel='noopener noreferrer' href='https://next-auth.js.org'>NextAuth.js</a> is becoming Auth.js! 🎉 <a target='_blank' rel='noopener noreferrer' href='https://twitter.com/balazsorban44/status/1603082914362986496'>Read the announcement.</a> Note, this site is under active development. 🏗",
-      backgroundColor: "#000",
-      textColor: "#fff",
-    },
-    footer: {
-      links: [
-        {
-          title: "About Auth.js",
-          items: [
-            {
-              label: "Introduction",
-              to: "/getting-started/introduction",
-            },
-            {
-              html: `
-            <a target="_blank" rel="noopener noreferrer" href="https://vercel.com?utm_source=authjs&utm_campaign=oss">
-              <img
-                alt="Powered by Vercel"
-                style="margin-top: 8px"
-                height="32"
-                width="167"
-                src="https://raw.githubusercontent.com/nextauthjs/next-auth/main/docs/static/img/powered-by-vercel.svg"
-              />
-            </a>`,
-            },
-          ],
-        },
-        {
-          title: "Download",
-          items: [
-            {
-              label: "GitHub",
-              to: "https://github.com/nextauthjs/next-auth",
-            },
-            {
-              label: "NPM",
-              to: "https://www.npmjs.com/package/next-auth",
-            },
-          ],
-        },
-        {
-          title: "Acknowledgements",
-          items: [
-            {
-              label: "Contributors",
-              to: "/contributors",
-            },
-            {
-              label: "Sponsors",
-              to: "https://opencollective.com/nextauth",
-            },
-            {
-              label: "Images by unDraw",
-              to: "https://undraw.co/",
-            },
-          ],
-        },
-      ],
-      copyright: `Auth.js &copy; Balázs Orbán ${new Date().getFullYear()}`,
-    },
-    colorMode: {
-      respectPrefersColorScheme: true,
-    },
-    docs: {
-      sidebar: {
-        autoCollapseCategories: true,
-      },
-    },
-  },
-  presets: [
-    [
-      "@docusaurus/preset-classic",
-      {
-        docs: {
-          breadcrumbs: false,
-          routeBasePath: "/",
-          sidebarPath: require.resolve("./sidebars.js"),
-          editUrl: "https://github.com/nextauthjs/next-auth/edit/main/docs",
-          lastVersion: "current",
-          showLastUpdateAuthor: true,
-          showLastUpdateTime: true,
-          remarkPlugins: [require("@sapphire/docusaurus-plugin-npm2yarn2pnpm").npm2yarn2pnpm],
-          versions: {
-            current: {
-              label: "experimental",
-            },
-          },
-        },
-        theme: {
-          customCss: require.resolve("./src/css/index.css"),
-        },
-      },
-    ],
-  ],
-  plugins: [
-    [
-      "docusaurus-plugin-typedoc",
-      {
-        ...typedocConfig,
-        id: "core",
-        plugin: [require.resolve("./typedoc-mdn-links")],
-        watch: process.env.TYPEDOC_WATCH,
-        entryPoints: ["index.ts", "adapters.ts", "errors.ts", "jwt.ts", "types.ts"].map((e) => `${coreSrc}/${e}`).concat(providers),
-        tsconfig: "../packages/core/tsconfig.json",
-        out: "reference/core",
-        sidebar: {
-          indexLabel: "index",
-        },
-      },
-    ],
-    [
-      "docusaurus-plugin-typedoc",
-      {
-        ...typedocConfig,
-        id: "sveltekit",
-        plugin: [require.resolve("./typedoc-mdn-links")],
-        watch: process.env.TYPEDOC_WATCH,
-        entryPoints: ["index.ts", "client.ts"].map((e) => `../packages/frameworks-sveltekit/src/lib/${e}`),
-        tsconfig: "../packages/frameworks-sveltekit/tsconfig.json",
-        out: "reference/sveltekit",
-        sidebar: {
-          indexLabel: "index",
-        },
-      },
-    ],
-    ...(process.env.TYPEDOC_SKIP_ADAPTERS
-      ? []
-      : [
-          typedocAdapter("Dgraph"),
-          typedocAdapter("DynamoDB"),
-          typedocAdapter("Fauna"),
-          typedocAdapter("Firebase"),
-          typedocAdapter("Mikro ORM"),
-          typedocAdapter("MongoDB"),
-          typedocAdapter("Neo4j"),
-          typedocAdapter("PouchDB"),
-          typedocAdapter("Prisma"),
-          typedocAdapter("TypeORM"),
-          typedocAdapter("Sequelize"),
-          typedocAdapter("Supabase"),
-          typedocAdapter("Upstash Redis"),
-          typedocAdapter("Xata"),
-        ]),
-  ],
-}
-
-docusaurusConfig.headTags = [
-  {
-    tagName: "meta",
-    attributes: {
-      charSet: "utf-8",
-    },
-  },
-  {
-    tagName: "link",
-    attributes: {
-      rel: "canonical",
-      href: docusaurusConfig.url,
-    },
-  },
-  {
-    tagName: "meta",
-    attributes: {
-      property: "og:title",
-      content: docusaurusConfig.title,
-    },
-  },
-  {
-    tagName: "meta",
-    attributes: {
-      property: "og:description",
-      content: docusaurusConfig.tagline,
-    },
-  },
-  {
-    tagName: "meta",
-    attributes: {
-      property: "og:image",
-      content: `${docusaurusConfig.url}/img/og-image.png`,
-    },
-  },
-  {
-    tagName: "meta",
-    attributes: {
-      property: "og:url",
-      content: docusaurusConfig.url,
-    },
-  },
-  {
-    tagName: "meta",
-    attributes: {
-      name: "twitter:card",
-      content: "summary_large_image",
-    },
-  },
-  {
-    tagName: "meta",
-    attributes: {
-      name: "twitter:title",
-      content: docusaurusConfig.title,
-    },
-  },
-  {
-    tagName: "meta",
-    attributes: {
-      name: "twitter:description",
-      content: docusaurusConfig.tagline,
-    },
-  },
-  {
-    tagName: "meta",
-    attributes: {
-      name: "twitter:image",
-      content: `${docusaurusConfig.url}/img/og-image.png`,
-    },
-  },
-]
-
-module.exports = docusaurusConfig

docs/next-env.d.ts

@@ -1,6 +1,5 @@
 /// <reference types="next" />
 /// <reference types="next/image-types/global" />
-/// <reference types="next/navigation-types/compat/navigation" />
 
 // NOTE: This file should not be edited
 // see https://nextjs.org/docs/basic-features/typescript for more information.

docs/next.config.mjs

@@ -0,0 +1,26 @@
+import withNextra from "nextra"
+import RemarkLinkRewrite from "remark-link-rewrite"
+
+export default withNextra({
+  theme: "nextra-theme-docs",
+  themeConfig: "./theme.config.jsx",
+  mdxOptions: {
+    format: "detect",
+    remarkPlugins: [
+      [
+        RemarkLinkRewrite,
+        {
+          replacer(url) {
+            if (url.includes(".md")) {
+              url = url.replace(/\.md$/, "").replace(".md#", "#")
+            }
+            if (url.startsWith("https://authjs.dev")) {
+              url = url.replace("https://authjs.dev", "")
+            }
+            return url
+          },
+        },
+      ],
+    ],
+  },
+})()